Toute l'actualité de la Cybersécurité


Palo Alto Networks négocierait le rachat de Cyberark

2025-07-30 12:26:54
Consolidation majeure en vue dans le secteur de la cybersécurité ? Selon le Wall Street Journal Palo Alto Networks est en discussion (...)

Lire la suite »

TrickBot Behind More Than 4 Million in Crypto Theft and Extortion

2025-07-30 11:22:15
Akamai's latest Ransomware Report 2025 reveals "quadruple extortion," new AI-driven tactics by groups like Black Basta, FunkSec, and TrickBot, and growing threats to non-profits. Learn about evolving...

Lire la suite »

Global Authorities Shared IoCs and TTPs of Scattered Spider Behind Major ESXi Ransomware Attacks

2025-07-30 10:48:09
Joint international advisory warns of evolving social engineering tactics and new DragonForce ransomware deployment targeting commercial facilities A collaboration of international cybersecurity agencies...

Lire la suite »

New Gunra Ransomware Linux Variant Launches 100 Encryption Threads with Partial Encryption Feature

2025-07-30 10:42:00
The new Gunra group has expanded its attack surface beyond Windows PCs by releasing a Linux version of their virus, which was initially discovered in April 2025. This is a major uptick in the ransomware...

Lire la suite »

10 Best Dark Web Monitoring Tools in 2025

2025-07-30 10:25:15
Monitoring and tracking actions on the dark web, a section of the internet that is hidden and requires particular software and configurations to access, is called monitoring. The selling of stolen data,...

Lire la suite »

New JSCEAL Attack Aims to Steal Credentials and Wallets from Crypto App Users

2025-07-30 10:15:00
Check Point Research (CPR) has identified a sophisticated malware campaign dubbed JSCEAL, which targets users of cryptocurrency trading applications through malicious advertisements and compiled JavaScript...

Lire la suite »

2025 Unit 42 Global Incident Response Report: Social Engineering Edition

2025-07-30 10:00:33
Social engineering thrives on trust and is now boosted by AI. Unit 42 incident response data explains why it's surging. We detail eight critical countermeasures. The post 2025 Unit 42 Global Incident...

Lire la suite »

Optimizing TensorFlow Input Pipelines for Peak Performance

2025-07-30 10:00:05
This in-depth guide walks through practical strategies to optimize TensorFlow input pipelines using the tf.data API. From leveraging prefetch, interleave, and cache to wrapping mapped functions for eager...

Lire la suite »

Sonatype uncovers global espionage campaign in open source ecosystems

2025-07-30 10:00:00
Sonatype's automated malware detection systems uncovered a massive and ongoing infiltration of open source ecosystems by the North Korea-backed Lazarus Group, exposing a chilling truth: open...

Lire la suite »

CISA and FBI Release Tactics, Techniques, and Procedures of the Scattered Spider Hacker Group

2025-07-30 09:47:26
The joint Cybersecurity Advisory AA23-320A, collaboratively issued by agencies such as the FBI, CISA, RCMP, ASD’s ACSC, AFP, CCCS, and NCSC-UK, serves as a critical update on the Scattered Spider...

Lire la suite »

Selon la Fondation Linux, l'IA aura un impact positif sur l'emploi IT

2025-07-30 09:43:23
Malgré les réductions d'effectifs en cours et les craintes de pertes d'emplois, le marché du travail dans l’IT présente (...)

Lire la suite »

AccuKnox partners with CyberKnight to deliver Zero Trust Security for a Leading Global Bank in the UAE.

2025-07-30 09:41:26
Menlo Park, United States, 30th July 2025, CyberNewsWire

Lire la suite »

FBI seizes 20 BTC from Chaos Ransomware affiliate targeting Texas firms

2025-07-30 09:40:41
FBI Dallas seized 20 BTC from Chaos ransomware affiliate “Hors,” tied to cyberattacks on Texas firms, on April 15, 2025. The FBI division in Dallas seized about 20 Bitcoins on April 15, 2025,...

Lire la suite »

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

2025-07-30 09:21:00
Google has announced that it's making a security feature called Device Bound Session Credentials (DBSC) in open beta to ensure that users are safeguarded against session cookie theft attacks. DBSC, first...

Lire la suite »

ChatGPT Agent Defeats Cloudflare's ‘I Am Not a Robot' Security Check

2025-07-30 09:03:46
In a significant development that highlights both the advancing capabilities of AI and potential vulnerabilities in web security systems, a ChatGPT-powered agent has successfully bypassed Cloudflare’s...

Lire la suite »

Cobalt Strike Beacon delivered via GitHub and social media

2025-07-30 09:00:54
A campaign targeting Russian entities leveraged social media, Microsoft Learn Challenge, Quora, and GitHub as intermediate C2 servers to deliver Cobalt Strike Beacon.

Lire la suite »

You're Wasting GPU Power—Fix Your TensorFlow Input Pipeline Today

2025-07-30 09:00:03
Training deep learning models isn't just about your architecture or hardware—it's also about how efficiently your data flows. This article walks you through optimizing TensorFlow input pipelines using...

Lire la suite »

Severe Vulnerability in AI Vibe Lets Attackers Access Private User Applications

2025-07-30 08:49:59
A critical security vulnerability in the popular AI-powered development platform Base44 allowed unauthorized attackers to bypass authentication controls and gain access to private enterprise applications,...

Lire la suite »

ChatGPT Agent Bypasses Cloudflare “I am not a robot” Verification Checks

2025-07-30 08:45:54
ChatGPT agents demonstrate the ability to autonomously bypass Cloudflare’s CAPTCHA verification systems, specifically the ubiquitous “I am not a robot” checkbox.  This development,...

Lire la suite »

Hackers Target SAP NetWeaver to Deploy New Auto-Color Linux Malware

2025-07-30 08:29:17
Cybersecurity researchers at Darktrace have uncovered a sophisticated attack targeting a US-based chemicals company, marking the first observed instance of threat actors exploiting SAP NetWeaver vulnerabilities...

Lire la suite »

How to Save, Load, and Deploy Models Using TensorFlow SavedModel

2025-07-30 08:00:04
This in-depth guide explores TensorFlow's SavedModel format—a versatile way to save, share, and deploy complete ML models across environments. It walks through exporting models from Keras, using TensorFlow...

Lire la suite »

African Orgs Fall to Mass Microsoft SharePoint Exploits

2025-07-30 08:00:00
The National Treasury of South Africa is among the half-dozen known victims in South Africa — along with other nations — of the mass compromise of on-premises Microsoft SharePoint servers.

Lire la suite »

Hackers Exploit SAP Vulnerability to Breach Linux Systems and Deploy Auto-Color Malware

2025-07-30 07:50:00
Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025. "Over the...

Lire la suite »

Critical SAP flaw exploited to launch Auto-Color Malware attack on U.S. company

2025-07-30 07:46:00
Hackers exploited a SAP NetWeaver bug to deploy upgraded Auto-Color Linux malware in an attack on U.S. chemicals firm. Cybersecurity firm Darktrace reported that threat actors exploited a SAP NetWeaver...

Lire la suite »

Free Decryptor Released for AI-Powered FunkSec Ransomware

2025-07-30 07:41:56
Researchers at Avast have unveiled a free decryptor tool for victims of the FunkSec ransomware, marking a significant step in combating this now-defunct malware strain. Developed in collaboration with...

Lire la suite »

Hackers Exploiting SAP NetWeaver Vulnerability to Deploy Auto-Color Linux Malware

2025-07-30 07:31:53
A sophisticated cyberattack targeting a US-based chemicals company has revealed the first observed pairing of SAP NetWeaver exploitation with Auto-Color malware, demonstrating how threat actors are leveraging...

Lire la suite »

Enterprise LLMs Under Risk: How Simple Prompts Can Lead to Major Breaches

2025-07-30 07:11:45
Enterprise applications integrating Large Language Models (LLMs) face unprecedented security vulnerabilities that can be exploited through deceptively simple prompt injection attacks.  Recent security...

Lire la suite »

Microsoft Details Defence Techniques Against Indirect Prompt Injection Attacks

2025-07-30 06:53:19
Microsoft has unveiled a comprehensive defense-in-depth strategy to combat indirect prompt injection attacks, one of the most significant security threats facing large language model (LLM) implementations...

Lire la suite »

Why “Experts” Still Get AI Wrong

2025-07-30 06:43:27
Two Austrian researchers argue AI is overestimated in the workplace, claiming it cannot replace humans or handle complex creative work. This article counters that view by pointing to breakthroughs such...

Lire la suite »

The Illusion of Ideas

2025-07-30 06:42:37
An idea that hasn't been met by another human being isn't real. It's an illusion that exists only in your head. The only way to bridge the gap between your idea and the real world is to put it in front...

Lire la suite »

The Singularity Syndicate

2025-07-30 06:32:56
The Singularity Syndicate is a clandestine alliance of tech giants that has created a distributed, extraterrestrial data vault.

Lire la suite »

Strengthen Kubernetes Security with Vault Agent Injector

2025-07-30 06:20:41
The Vault Agent Injector is a Kubernetes Mutation Webhook Controller.It intercepts pod creation events and modifies pod specs if Vault annotations are detected.

Lire la suite »

Scattered Spider Hacker Arrests Halt Attacks, But Copycat Threats Sustain Security Pressure

2025-07-30 06:15:00
Google Cloud's Mandiant Consulting has revealed that it has witnessed a drop in activity from the notorious Scattered Spider group, but emphasized the need for organizations to take advantage of the lull...

Lire la suite »

Enterprise LLMs Vulnerable to Prompt-Based Attacks Leading to Data Breaches

2025-07-30 06:13:36
Security researchers have discovered alarming vulnerabilities in enterprise Large Language Model (LLM) applications that could allow attackers to bypass authentication systems and access sensitive corporate...

Lire la suite »

The TechBeat: This Open Source Tool Can Spin Up Entire Websites from a Single Prompt (7/30/2025)

2025-07-30 06:11:05
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

Lire la suite »

The Dating App Breach That Turned Into a Biometric Black Mirror Episode

2025-07-30 06:09:38
Tea dating app exposed 72,000 exposed images including 13,000 government IDs. 1.1 million private messages discussing abortions, discovering cheating spouses, and sharing phone numbers were also exposed....

Lire la suite »

Should You Validate Again? A Smarter Way to Handle Data Trust

2025-07-30 06:00:50
In software development, it's common to introduce validation logic to ensure that a given data structure meets certain constraints. But the more significant issue is ambiguity: Who is responsible for...

Lire la suite »

Want a Say in EU Innovation Policy? Here's Your Chance

2025-07-30 05:52:49
ThiThe European Commission has started a “Call for Evidence” and a public consultation regarding the upcoming European Innovation Act.

Lire la suite »

Would You Sell Your Golden Goose? Two-Tier AI Is the Future

2025-07-30 05:50:22
AI is approaching super intelligence, and once AGI surpasses human capability, companies will no longer release their most powerful models to the public. Instead, they will keep AGI internal to create...

Lire la suite »

New Microsoft Guidance Targets Defense Against Indirect Prompt Injection

2025-07-30 05:43:11
Microsoft has unveiled new guidance addressing one of the most pressing security challenges facing enterprise AI deployments: indirect prompt injection attacks. This emerging threat vector has become...

Lire la suite »

Orange Hit by Cyberattack, Internal Systems Hacked

2025-07-30 05:24:53
French telecommunications giant Orange confirmed it suffered a significant cyberattack on Friday, July 25th, targeting one of its critical information systems. The incident has disrupted services for...

Lire la suite »

AccuKnox Partners With CyberKnight To Deliver Zero Trust Security For A Leading Global Bank In The UAE.

2025-07-30 04:50:00
Menlo Park, United States, July 30th, 2025, CyberNewsWire AccuKnox, Inc., the Zero Trust Cloud-Native Application Protection Platform (CNAPP) leader, has announced deployment in the UAE banking sector...

Lire la suite »

Lionishackers Threat Actors Exfiltrating and Selling Corporate Databases on Dark Web

2025-07-30 03:22:46
A financially motivated threat actor known as Lionishackers has emerged as a significant player in the illicit marketplace for corporate data in recent months. Leveraging opportunistic targeting and a...

Lire la suite »

Chrome High-Severity Vulnerabilities Allow Memory Manipulation and Arbitrary Code Execution

2025-07-30 02:21:59
Google has issued an urgent security update for its Chrome browser, patching several vulnerabilities, including a high-severity vulnerability that could allow attackers to manipulate memory and execute...

Lire la suite »

Threat Actors Attacking Fans and Teams of Belgian Grand Prix With Phishing Campaigns

2025-07-30 02:20:39
Cybercriminals have launched a sophisticated multi-vector attack campaign targeting fans and teams ahead of the 2025 Belgian Grand Prix, scheduled for July 27 at the iconic Spa-Francorchamps circuit....

Lire la suite »

Critical Buffer Overflow Patch in Fedora 41 for Cloud-Init CVE-2024-11584

2025-07-30 01:29:35
Backport fixes for CVE-2024-6174 and CVE-2024-11584 cloud-init included the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable....

Lire la suite »

Fedora 42: Chromium Critical Type Confusion CVE-2025-8010 Advisory

2025-07-30 01:23:10
Update to 138.0.7204.168 CVE-2025-8010: Type Confusion in V8 CVE-2025-8011: Type Confusion in V8

Lire la suite »

Fedora 42: Important Permission Issues in cloud-init with CVE-2024-6174

2025-07-30 01:23:05
Backport fixes for CVE-2024-6174 and CVE-2024-11584 cloud-init included the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable....

Lire la suite »