Toute l'actualité de la Cybersécurité


Multiple vulnerabilities in Cisco Unified CCX Allow Attackers to Execute Arbitrary Commands

2025-11-14 11:38:48
Cisco has released security updates to address two critical vulnerabilities in Unified Contact Center Express (Unified CCX) that could allow unauthenticated attackers to execute arbitrary commands with...

Lire la suite »

Analysis of Multi-Stage Phishing Kits Leveraging Telegram for Credential Theft and Evasion Techniques

2025-11-14 11:28:17
Researchers at Group-IB have uncovered a sophisticated phishing framework that demonstrates how cybercriminals are industrializing credential theft through automation, evasion techniques, and Telegram-based...

Lire la suite »

Hackers Flooded npm Registry Over 43,000 Spam Packages Survived for Almost Two Years

2025-11-14 11:22:00
Security researcher Paul McCarty uncovered a significant coordinated spam campaign targeting the npm ecosystem. The IndonesianFoods worm, as it has been named, consists of more than 43,000 spam packages...

Lire la suite »

Microsoft annualise les mises à jour pour Configuration Manager

2025-11-14 11:04:14
Petit changement pour SCCM (system center configuration manager) de Microsoft. En effet, l'éditeur a annoncé qu'en 2026 le cycle des mises (...)

Lire la suite »

Kraken Ransomware Targets Windows, Linux, and VMware ESXi in Enterprise Environments

2025-11-14 10:47:22
Cisco Talos has identified an emerging threat from Kraken, a sophisticated cross-platform ransomware group that has emerged from the remnants of the HelloKitty ransomware cartel. In August 2025, the security...

Lire la suite »

GitHub piège Actions avec un paquet npm malveillant

2025-11-14 10:37:54
Les outils de développement deviennent une cible de plus en plus importante pour les cybercriminels. Dans le catalogue de vecteurs, les paquets (...)

Lire la suite »

Ransomware's Fragmentation Reaches a Breaking Point While LockBit Returns

2025-11-14 10:37:00
Key Takeaways: 85 active ransomware and extortion groups observed in Q3 2025, reflecting the most decentralized ransomware ecosystem to date. 1,590 victims disclosed across 85 leak sites, showing high,...

Lire la suite »

Washington Post Oracle E-Suite 0-Day Hack Impacts 9K+ Employees and Contractors

2025-11-14 10:12:12
The Washington Post has publicly disclosed a significant data breach involving external hacking of its Oracle E-Suite system, impacting over 9,700 employees and contractors worldwide. The breach notification,...

Lire la suite »

Concurrence dans l'IA : le procès Musk contre Apple et OpenAI aura lieu

2025-11-14 10:08:24
Un juge fédéral valide la plainte de X et xAI, obligeant Apple et OpenAI à répondre aux accusations d'entrave à la concurrence dans l'IA. The post Concurrence dans l’IA : le procès Musk...

Lire la suite »

Chinese Hackers Use Anthropic's AI to Launch Automated Cyber Espionage Campaign

2025-11-14 09:53:00
State-sponsored threat actors from China used artificial intelligence (AI) technology developed by Anthropic to orchestrate automated cyber attacks as part of a "highly sophisticated espionage campaign"...

Lire la suite »

ASUS warns of critical auth bypass flaw in DSL series routers

2025-11-14 09:52:37
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models. [...]

Lire la suite »

Comment la virtualisation sur OpenShift a évolué depuis la fusion Broadcom-VMware

2025-11-14 09:42:04
Six versions mineures d'OpenShift sont sorties depuis l'acquisition de VMware par Broadcom. Focus sur l'évolution fonctionnelle de la brique de virtualisation. The post Comment la virtualisation sur...

Lire la suite »

Le plan d'Octave Klaba pour remettre OVH sur les rails

2025-11-14 09:39:50
Jeudi 20 novembre prochain, OVH invite ses clients et partenaires à la maison de la Mutualité (Paris) pour la prochaine édition (...)

Lire la suite »

Germany's BSI issues guidelines to counter evasion attacks targeting LLMs

2025-11-14 09:32:50
Germany's BSI warns of rising evasion attacks on LLMs, issuing guidance to help developers and IT managers secure AI systems. Germany's BSI warns of rising evasion attacks on LLMs, issuing guidance...

Lire la suite »

Critical Imunify360 AV Vulnerability Exposes 56 Million+ Linux-hosted Websites to RCE Attacks

2025-11-14 09:30:39
A severe remote code execution (RCE) vulnerability has been discovered in Imunify360 AV, a widely used malware scanner protecting approximately 56 million websites. The security flaw, recently patched...

Lire la suite »

Les données nucléaires au coeur de l'accord EDF avec Bleu et S3NS

2025-11-14 09:14:42
En complément de ses hébergements internes, qui accueillent 80% de ses données selon le groupe, EDF vient de référencer (...)

Lire la suite »

Malicious Chrome Extension as Ethereum Wallet Enables Full Wallet Takeover

2025-11-14 09:00:55
A deceptive Chrome extension named Safery: Ethereum Wallet has emerged as a serious threat to cryptocurrency users. Published on the Chrome Web Store on November 12, 2024, this extension masquerades as...

Lire la suite »

Now-Patched Fortinet FortiWeb Flaw Exploited in Attacks to Create Admin Accounts

2025-11-14 09:00:00
Cybersecurity researchers are sounding the alert about an authentication bypass vulnerability in Fortinet Fortiweb WAF that could allow an attacker to take over admin accounts and completely compromise...

Lire la suite »

Critical Zoho Analytics Plus Flaw Allows Attackers to Run Arbitrary SQL Queries

2025-11-14 08:58:18
A critical unauthenticated SQL injection vulnerability has been discovered in Zoho Analytics Plus on-premise, posing a severe risk to organizations running affected versions. Tracked as CVE-2025-8324,...

Lire la suite »

Washington Post Oracle E-Suite Breach Exposes Data of Over 9,000 Staff and Contractors

2025-11-14 08:46:12
The Washington Post disclosed a significant data breach affecting more than 9,700 employees and contractors following an external system compromise targeting its Oracle E-Suite infrastructure. The breach,...

Lire la suite »

Washington Post notifies 10,000 individuals affected in Oracle-linked data theft

2025-11-14 08:30:05
The Washington Post alerts nearly 10,000 employees and contractors that personal and financial data was exposed in the Oracle breach. The Washington Post warns nearly 10,000 staff and contractors that...

Lire la suite »

Cl0P Ransomware Group Allegedly Claims Breach of Entrust in Oracle 0-Day EBS Hack

2025-11-14 08:12:21
The notorious Cl0P ransomware group has claimed responsibility for breaching digital security firm Entrust, exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, tied...

Lire la suite »

Critical Imunify360 Vulnerability Exposes Millions of Linux-Hosted Sites to RCE Attacks

2025-11-14 08:08:31
A critical Remote Code Execution vulnerability has been patched in Imunify360 AV, a security product protecting approximately 56 million websites worldwide. Hosting companies must apply the patch immediately...

Lire la suite »

Android Photo Frame App Infects Devices With Malware, Allows Full Remote Takeover

2025-11-14 08:01:07
A recent investigation has uncovered alarming security vulnerabilities in Android-powered digital photo frames, turning what should be a simple home or office gadget into a potent tool for cybercriminals....

Lire la suite »

Kraken Cross-Platform Ransomware Attacking Windows, Linux, and VMware ESXi Systems in Enterprise Environments

2025-11-14 07:51:13
In August 2025, a new ransomware threat emerged with capabilities that fundamentally changed how organizations should approach enterprise security. Kraken, a Russian-speaking cybercriminal group, began...

Lire la suite »

Microsoft Teams Introduces Premium Feature to Prevent Screenshots and Screen Recording

2025-11-14 07:35:32
Microsoft has launched a new security feature in Teams Premium called “Prevent screen capture,” designed to block screenshots and recordings during sensitive meetings. This feature will be...

Lire la suite »

New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware

2025-11-14 07:00:42
A growing social engineering technique called ClickFix has emerged as one of the most successful methods for distributing malware in recent months. This attack tricks users into copying and running commands...

Lire la suite »

IBM vise l'avantage quantique en tandem avec le HPC

2025-11-14 06:58:05
La connexion avec les environnements HPC prend de l'importance dans le discours d'IBM sur l'informatique quantique. The post IBM vise l’avantage quantique en tandem avec le HPC appeared first on...

Lire la suite »

Android Photo Frames App Downloads Malware, Giving Hackers Control of The Device Without User Interaction

2025-11-14 06:37:52
Digital photo frames have become a standard household device for displaying family memories, and most users assume these simple gadgets prioritize simplicity over complexity. However, a troubling discovery...

Lire la suite »

Checkout.com Suffers Data Breach as ShinyHunters Attack Cloud Storage

2025-11-14 05:55:33
Payment processor Checkout.com recently experienced a data breach after being targeted by the cybercrime group “ShinyHunters.” The attackers accessed old data stored in a third-party cloud system....

Lire la suite »

CISA Warns: Akira Ransomware Has Extracted M After Targeting Hundreds

2025-11-14 05:45:44
A newly updated cybersecurity advisory from federal agencies reveals that the Akira ransomware operation has significantly escalated its campaign, compromising organizations worldwide and accumulating...

Lire la suite »

Palo Alto PAN-OS Flaw Lets Attackers Force Firewall Reboots via Malicious Packets

2025-11-14 05:20:25
Palo Alto Networks has disclosed a denial-of-service vulnerability in its PAN-OS software that allows attackers to force firewalls into unexpected reboots using specially crafted network packets. The...

Lire la suite »

DoorDash hit by new data breach in October exposing user information

2025-11-14 04:38:44
DoorDash has disclosed a data breach that hit the food delivery platform this October. Beginning yesterday evening, DoorDash, which serves millions of customers across the U.S., Canada, Australia,...

Lire la suite »

Beware of Fake Bitcoin Tool That Hides DarkComet RAT Malware With it

2025-11-14 04:25:59
The rise of cryptocurrency has created new opportunities for cybercriminals to exploit unsuspecting users. Attackers are now disguising the notorious DarkComet remote access trojan as Bitcoin-related...

Lire la suite »

Fortinet FortiWeb flaw with public PoC exploited to create admin users

2025-11-14 02:41:28
A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication [...]

Lire la suite »

Fedora 43: SeaMonkey 2.53.22 Update FEDORA-2025-5f24a0c1ba

2025-11-14 01:28:56
Update to 2.53.22

Lire la suite »

Fedora 43: docker-buildkit Critical DoS Memory Exhaustion CVE-2025-58185

2025-11-14 01:28:55
Update to v0.25.2 CVE-2025-58183; Resolves: rhbz#2412529 CVE-2025-58188; Resolves: rhbz#2412380, rhbz#2411476, rhbz#2410945 CVE-2025-58185; Resolves: rhbz#2410578, rhbz#2410299, rhbz#2410013 CVE-2025-61723;...

Lire la suite »

Fedora 43: runc High Risk Security Fix 2025-ebd4913540 CVE-2025-31133

2025-11-14 01:28:54
Update to release v1.3.3

Lire la suite »

Fedora 43: gh Update Advisory Critical CVE-2025-58189 and CVE-2025-61725

2025-11-14 01:28:50
Update to 2.83.0

Lire la suite »

Fedora 41: Lasso 2.9.0 Critical Buffer Overflow Fix CVE-2025-46705

2025-11-14 01:09:20
Update to 2.9.0 Fixes CVE-2025-46705

Lire la suite »

Fedora 41: SeaMonkey 2.53.22 Advisory FEDORA-2025-e49d776723

2025-11-14 01:09:19
Update to 2.53.22

Lire la suite »