Toute l'actualité de la Cybersécurité


A Multi-Stage Phishing Kit Using Telegram to Harvest Credentials and Bypass Automated Detection

2025-11-15 07:06:13
Phishing attacks continue to be one of the most persistent threats targeting organizations worldwide. Cybercriminals are constantly improving their methods to steal sensitive information, and a recently...

Lire la suite »

U.S. CISA adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog

2025-11-15 06:58:38
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet FortiWeb flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added...

Lire la suite »

Akira Ransomware Targets Over 250 Organizations, Extracts Million in Ransom Payments – New CISA Report

2025-11-15 06:09:37
A new advisory from the Cybersecurity and Infrastructure Security Agency reveals that Akira ransomware has become one of the most active threats targeting businesses worldwide. Since March 2023, this...

Lire la suite »

When Reading the Source Code Is the Real Hack: A Web Challenge Story | v1t CTF

2025-11-15 05:57:48
Sometimes the best hacking tool is just… reading comprehensionDifficulty: Beginner-Friendly | Category: Web ExploitationHello everyoneI'm Chetan Chinchulkar (aka omnipresent), and we're switching gears!...

Lire la suite »

Reflected XSS → DVWA Walkthrough: Learn How User Input Can Trigger a Script Execution

2025-11-15 05:56:06
🕵Hey! I'm Adwaith, an aspiring offensive security enthusiast, and I'm excited to walk you through the Reflected XSS lab in DVWA, where we'll see how a simple input field can lead to script execution.Click...

Lire la suite »

SQL Injection: Listing Database Contents on Non-Oracle Databases

2025-11-15 05:55:12
UNION-based SQL injection used to enumerate database tables, extract credential columns, dump usernames and passwords, and log in as the…Continue reading on InfoSec Write-ups »

Lire la suite »

Lumma Stealer Uses Browser Fingerprinting to Collect Data and for Stealthy C&C Server Communications

2025-11-15 03:45:39
Lumma Stealer has emerged as a serious threat in the cybercrime world, targeting users through fake software updates and cracked applications. This information-stealing malware targets the collection...

Lire la suite »

Critical FortiWeb WAF Flaw Exploited in the Wild, Enabling Full Admin Takeover

2025-11-15 03:10:56
Fortinet has issued an urgent advisory warning of a critical vulnerability in its FortiWeb web application firewall (WAF) product, which attackers are actively exploiting in the wild. Identified as CVE-2025-64446,...

Lire la suite »

Fedora 41: Security Update for OpenTofu 1.10.7 Addresses Vulnerabilities

2025-11-15 01:45:29
Update to 1.10.7

Lire la suite »

Fedora 41: Critical Advisory for containerd Update v1.7.29 Threats

2025-11-15 01:45:28
Update to v1.7.29

Lire la suite »

Debian 12: python-http-client-receive-data Low 2025-01a4c2b1e

2025-11-15 01:45:26
uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of async_zip, which addresses

Lire la suite »

Fedora 41: uv Python Package Update 2025-00e5b3d89c Critical DoS Advisory

2025-11-15 01:45:26
uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of async_zip, which addresses

Lire la suite »

Fedora 41: rust-reqsign Critical AWS DoS Threat Advisory 2025-00e5b3d89c

2025-11-15 01:45:25
uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of async_zip, which addresses

Lire la suite »

Fedora 41: Rust Reqsign File Read Tokio Important Issue 2025-00e5b3d89c

2025-11-15 01:45:25
uv / python-uv-build 0.9.7 https://github.com/astral-sh/uv/releases/tag/0.9.7 0.9.6 This release contains an upgrade to Astral's fork of async_zip, which addresses

Lire la suite »