Toute l'actualité de la Cybersécurité


‘ChatGPT Tainted Memories' Exploit Enables Command Injection in Atlas Browser

2025-10-27 18:49:23
LayerX Security found a flaw in OpenAI's ChatGPT Atlas browser that lets attackers inject commands into its memory, posing major security and phishing risks.

Lire la suite »

nsKnox Launches Adaptive Payment Security™, Revolutionizing B2B Fraud Prevention by Solving the ‘Impossible Triangle' of Speed, Certainty, and Effor

2025-10-27 16:18:48
New York, New York, USA, 27th October 2025, CyberNewsWire

Lire la suite »

Windows will soon prompt for memory scans after BSOD crashes

2025-10-27 18:36:05
Microsoft has started testing a new feature that prompts Windows 11 users to run a memory scan when logging in after a blue screen of death (BSOD). [...]

Lire la suite »

Atos signe un contrat européen record en cybersécurité et relance sa dynamique

2025-10-27 18:13:43
ATOS a remporté un marché stratégique d'une valeur maximale de 326 millions d'euros auprès de la Commission européenne pour assurer des services d'exploitation technique en cybersécurité.......

Lire la suite »

iOS 26 Deletes Pegasus and Predator Spyware Infection Evidence by Overwriting The ‘shutdown.log' file on Reboot

2025-10-27 17:29:33
The emergence of Pegasus and Predator spyware over the past several years has transformed the landscape of mobile device security. These advanced malware strains—deployed by sophisticated threat actors...

Lire la suite »

QNAP warns of critical ASP.NET flaw in its Windows backup software

2025-10-27 16:55:02
QNAP warned customers to patch a critical ASP.NET Core vulnerability that also impacts the company's NetBak PC Agent, a Windows utility for backing& up data to a QNAP network-attached storage (NAS) device....

Lire la suite »

Synology rétropédale après avoir fermé la porte aux disques tiers

2025-10-27 16:46:19
Six mois après avoir annoncé limiter la prise en charge des disques tiers sur ses NAS DS Plus, Synology fait marche arrière. The post Synology rétropédale après avoir fermé la porte aux disques...

Lire la suite »

Italian spyware vendor linked to Chrome zero-day attacks

2025-10-27 16:37:28
A zero-day vulnerability in Google Chrome exploited in Operation ForumTroll earlier this year delivered malware linked to Italian spyware vendor Memento Labs, born after IntheCyber ​​Group acquired...

Lire la suite »

Des experts plaident pour interdire les travaux sur l'IA avancée

2025-10-27 16:15:52
Un an et demi après avoir réclamé une pause sur les systèmes plus puissants que GPT-4, le Future of Life Institute (...)

Lire la suite »

Ubiquiti UniFi Door Access App Vulnerability Exposes API Management Without Authentication

2025-10-27 16:13:58
Ubiquiti’s UniFi Access application has been found vulnerable to a critical flaw that leaves its management API exposed without authentication. Discovered by Catchify Security, this issue allows...

Lire la suite »

X Warns Users With Security Keys to Re-Enroll Before November 10 to Avoid Lockouts

2025-10-27 16:12:00
Social media platform X is urging users who have enrolled for two-factor authentication (2FA) using passkeys and hardware security keys like Yubikeys to re-enroll their key to ensure continued access...

Lire la suite »

Google says everyone will be able to vibe code video games

2025-10-27 15:59:36
Google AI Studio product lead teased that everyone will be able to vibe code video games by the end of the year. [...]

Lire la suite »

DomeWatch Leak Exposed Personal Data of Capitol Hill Applicants

2025-10-27 15:51:43
Unsecured House Democrats' resume bank (DomeWatch) exposed 7,000 records, including PII and "top secret" clearance status, raising identity theft fears.

Lire la suite »

Qilin Targets Windows Hosts With Linux-Based Ransomware

2025-10-27 15:18:34
The attack by the one of the most impactful RaaS groups active today demonstrates an evasion strategy that can stump defenses not equipped to detect cross-platform threats.

Lire la suite »

Microsoft: New policy removes pre-installed Microsoft Store apps

2025-10-27 15:13:58
Microsoft now allows IT administrators to remove pre-installed Microsoft Store apps (also known as in-box apps) using a new app management policy. [...]

Lire la suite »

USN-7841-1: strongSwan vulnerability

2025-10-27 15:05:57
Xu Biang discovered that the strongSwan client incorrectly handled EAP-MSCHAPv2 failure requests. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could...

Lire la suite »

The Dark Web Has a New Spy, and It's Not Human

2025-10-27 15:00:43
In cybercrimes’ cat-and-mouse game, criminals almost always leave digital breadcrumbs behind. Every leaked credential posted, boasted about, or sold on the dark web forms a trail. Investigators...

Lire la suite »

How to set up two factor authentication (2FA) on your Instagram account

2025-10-27 14:53:41
Step-by-step instructions on how to enable 2FA on your Instagram account—for Android, iOS, and on the web.

Lire la suite »

1inch partners with Innerworks to strengthen DeFi security through AI-Powered threat detection

2025-10-27 14:00:24
London, United Kingdom, 27th October 2025, CyberNewsWire

Lire la suite »

Predatory Sparrow Group Attacking Critical Infrastructure to Destroy Data and Cause Disruption

2025-10-27 14:49:15
Predatory Sparrow has emerged as one of the most destructive cyber-sabotage groups targeting critical infrastructure across the Middle East, with operations focused primarily on Iranian and Syrian assets....

Lire la suite »

USN-7840-1: Ruby vulnerabilities

2025-10-27 14:39:58
It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of certain characters. An attacker could possibly use this issue to cause REXML...

Lire la suite »

Crafted URLs can trick OpenAI Atlas into running dangerous commands

2025-10-27 14:38:14
Attackers can trick OpenAI Atlas browser via prompt injection, treating malicious instructions disguised as URLs in the omnibox as trusted commands. Attackers can exploit the OpenAI Atlas browser by disguising...

Lire la suite »

Hackers Target 81% of Routers with Default Admin Passwords

2025-10-27 14:37:19
The latest 2025 Broadband Genie router security survey reveals alarming trends in network security awareness among internet users. This year’s results, while showing marginal improvements in some...

Lire la suite »

OpenAI Atlas Browser Vulnerability Allows Malicious Code Injection into ChatGPT

2025-10-27 14:31:42
A critical vulnerability in OpenAI’s newly launched ChatGPT Atlas browser enables attackers to inject malicious instructions into ChatGPT’s memory and execute remote code on user systems....

Lire la suite »

New ChatGPT Atlas Browser Exploit Lets Attackers Plant Persistent Hidden Commands

2025-10-27 14:31:00
Cybersecurity researchers have discovered a new vulnerability in OpenAI's ChatGPT Atlas web browser that could allow malicious actors to inject nefarious instructions into the artificial intelligence...

Lire la suite »

USN-7829-4: Linux kernel (AWS) vulnerabilities

2025-10-27 14:20:42
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; -...

Lire la suite »

Phishing scam uses fake death notices to trick LastPass users

2025-10-27 14:15:50
LastPass is warning that phishers are exploiting the digital will feature to trick people into handing over their master passwords.

Lire la suite »

Une faille critique de Microsoft WSUS exploitée à grande échelle

2025-10-27 14:09:32
Jeudi dernier, Microsoft a publié une série de correctifs hors bande pour corriger « de manière exhaustive » (...)

Lire la suite »

The State of Exposure Management in 2025: Insights From 3,000+ Organizations

2025-10-27 14:01:11
Attackers are using AI to weaponize old vulnerabilities while security teams face expanding attack surfaces and limited resources. Intruder's 2025 Exposure Management Index reveals how 3,000+ organizations...

Lire la suite »

BlockDAG Breaks Records as Pepeto, Bitcoin Hyper, Snorter, and Maxi Doge Rise

2025-10-27 14:00:01
The 2025 presale race is heating up. BlockDAG dominates with 0M raised and a 3,233% projected ROI, while Pepeto steals attention with 220% staking, a live demo exchange, and a viral meme narrative....

Lire la suite »

Critical Chrome 0-Day Under Attack: Mem3nt0 Mori Hackers Actively Exploiting Vulnerability

2025-10-27 13:54:41
In March 2025, security researchers at Kaspersky detected a sophisticated campaign exploiting a previously unknown Chrome vulnerability to deliver advanced spyware to high-profile targets. The attack,...

Lire la suite »

Microsoft Investigation Teams text-to-speech Functionality Issue Impacting Users – Update

2025-10-27 13:54:24
Microsoft is actively probing a glitch in its Teams platform that’s disrupting text-to-speech features, leaving users frustrated during critical auto-attendant calls. The company confirmed the problem...

Lire la suite »

Peu sécurisé, Atlas d'OpenAI est non recommandé en entreprise

2025-10-27 13:52:36
Pas de précipitation. Telle est la recommandation des analystes sur l’adoption au sein des sociétés d’Atlas, le navigateur (...)

Lire la suite »

Qilin Ransomware Leveraging Mspaint and Notepad to Find Files with Sensitive Information

2025-10-27 13:49:42
Qilin ransomware has emerged as one of the most devastating threats in the second half of 2025, operating at an alarming pace with over 40 victim disclosures per month on its public leak site. Originally...

Lire la suite »

CISA orders feds to patch Windows Server WSUS flaw used in attacks

2025-10-27 13:27:35
The Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its catalog...

Lire la suite »

AWS intègre (partiellement) le scope 3 dans sa calculette carbone

2025-10-27 13:25:35
AWS a révisé la méthodologie qui sous-tend son Customer Carbon Footprint Tool et y a intégré une partie du scope 3 de ses services cloud. The post AWS intègre (partiellement) le scope 3 dans sa...

Lire la suite »

New HyperRat Android Malware Sold as Ready-Made Spy Tool

2025-10-27 13:25:11
Researchers have uncovered HyperRat, a new Android malware sold as a service, giving attackers remote control, data theft tools, and mass phishing features.

Lire la suite »

iOS 26 Overwrites ‘shutdown.log' on Reboot, Erasing Forensic Evidence of Pegasus and Predator Spyware

2025-10-27 13:17:37
As iOS 26 is being rolled out, a critical forensic challenge has emerged: the operating system now automatically overwrites the shutdown.log file on every reboot, effectively erasing crucial evidence...

Lire la suite »

North Korean Chollima Actors Added BeaverTail and OtterCookie to Its Arsenal

2025-10-27 13:09:54
Famous Chollima, a threat group affiliated with North Korea’s Reconnaissance General Bureau, has significantly expanded its operational capabilities by integrating two potent malware strains: BeaverTail...

Lire la suite »

New EDR-Redir Tool Bypasses EDRs by Exploiting Bind Filter and Cloud Filter Driver

2025-10-27 13:05:12
Cybersecurity researchers have developed a sophisticated new tool called EDR-Redir that can bypass Endpoint Detection and Response (EDR) systems by exploiting Windows’ Bind Filter and Cloud Filter...

Lire la suite »

Stronger ID Verification Is the New Frontline In Financial Compliance

2025-10-27 13:00:38
Right now, somewhere out there, a synthetic identity is being created – convincing enough to get past a background check, open a bank account, or even get a loan. This... The post Stronger ID Verification...

Lire la suite »

⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens

2025-10-27 12:51:00
Security, trust, and stability — once the pillars of our digital world — are now the tools attackers turn against us. From stolen accounts to fake job offers, cybercriminals keep finding new ways...

Lire la suite »

The Women Reimagining Cybersecurity's Future

2025-10-27 12:37:57
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Oct. 27, 2025 – Read the full story in Forbes In an industry still dominated by men, May Chen-Contino is...

Lire la suite »

Kaspersky détecte un nouveau logiciel espion HackingTeam après des années de silence

2025-10-27 12:35:35
L’équipe mondiale de recherche et d’analyse de Kaspersky (GReAT) a découvert des preuves permettant d'établir un lien entre Memento Labs (le successeur de HackingTeam) et une nouvelle...

Lire la suite »

Les escroqueries bancaires explosent : +65 % dans le monde en un an

2025-10-27 12:33:52
Un nouveau rapport publié par BioCatch, entreprise spécialisée dans la prévention de la criminalité financière par l'analyse des comportements humains, met en lumière la croissance exponentielle...

Lire la suite »

Hackers Actively Exploiting WordPress Arbitrary Installation Vulnerabilities in The Wild

2025-10-27 12:26:51
Threat actors have launched a significant mass exploitation campaign targeting critical vulnerabilities in two popular WordPress plugins, GutenKit and Hunk Companion, affecting hundreds of thousands of...

Lire la suite »

Pourquoi Anthropic va acheter des TPU à Google Cloud

2025-10-27 12:09:26
L'accord qui doit entrer en vigueur en 2026 prévoit la fourniture de plus d'un gigawatt de puissance de calcul.Il est estimé à plusieurs dizaines de milliards de dollars. The post Pourquoi Anthropic...

Lire la suite »

Critical HashiCorp Vault Vulnerabilities Allow Authentication Bypass and DoS Attacks

2025-10-27 12:06:45
HashiCorp has disclosed two critical vulnerabilities in Vault and Vault Enterprise that could enable attackers to bypass authentication mechanisms and launch denial-of-service attacks against infrastructure....

Lire la suite »

X to Retire Twitter.com, Users Must Re-Register Security Keys by Nov 10

2025-10-27 11:21:43
X (formerly Twitter) is asking users with security keys to re-enroll by Nov 10 as it moves logins from twitter.com to x.com for continued 2FA access.

Lire la suite »

Dell Storage Manager Vulnerabilities Allow Full System Compromise

2025-10-27 11:20:49
Dell Technologies has disclosed three critical vulnerabilities affecting Dell Storage Manager that could allow unauthenticated remote attackers to completely compromise storage systems. Dell Storage Manager...

Lire la suite »

Microsoft Limits IE Mode In Edge Browser Citing Zero-Day Exploits

2025-10-27 11:14:02
Microsoft recently announced changes to the Internet Explorer mode in Edge browsers, citing zero-day exploits… Microsoft Limits IE Mode In Edge Browser Citing Zero-Day Exploits on Latest Hacking...

Lire la suite »

New Stealit Malware Campaign Exploits Node.js SEA Feature

2025-10-27 11:13:27
Researchers have found a new Stealit malware campaign in the wild that exploits a Node.js… New Stealit Malware Campaign Exploits Node.js SEA Feature on Latest Hacking News | Cyber Security News,...

Lire la suite »

ChatGPT's Atlas Browser Jailbroken to Hide Malicious Prompts Inside URLs

2025-10-27 11:08:05
Security researchers at NeuralTrust have uncovered a critical vulnerability in OpenAI’s Atlas browser that allows attackers to bypass safety measures by disguising malicious instructions as innocent-looking...

Lire la suite »

Payer une rançon ne rime toujours pas avec récupération des données

2025-10-27 11:07:16
Le conseil est souvent répété par les autorités, en cas d’attaques de rançongiciel, il ne faut jamais payer de (...)

Lire la suite »

Can ChatGPT Outperform the Market? Week 11

2025-10-27 11:00:00
+8% increase in one day..

Lire la suite »

Linux variant of Qilin Ransomware targets Windows via remote management tools and BYOVD

2025-10-27 10:45:05
Qilin ransomware group used Linux binaries on Windows to evade EDRs, steal backups, and disable defenses via BYOVD attacks. Trend Research found that the Qilin ransomware group (aka Agenda) used a Linux...

Lire la suite »

Predatory Sparrow Strikes: Coordinated Cyberattacks Seek to Cripple Critical Infrastructure

2025-10-27 10:42:52
A sophisticated cyber-sabotage group known as Predatory Sparrow has emerged as one of the most destructive threat actors targeting Iranian critical infrastructure over the past several years. Unlike traditional...

Lire la suite »

Blockchain, métavers, neuromining… Retour sur 10 ans de prédictions technologiques par Gartner

2025-10-27 09:49:36
Lors de son IT Symposium/Xpo d'Orlando, Gartner émet traditionnellement des prévisions technologiques. Retour sur celles effectuées depuis 10 ans. The post Blockchain, métavers, neuromining…...

Lire la suite »

SICW 2025 : L'ANSSI fer de lance de la coopération franco-singapourienne en matière de cyber

2025-10-27 09:04:12
SICW 2025 : L'ANSSI fer de lance de la coopération franco-singapourienne en matière de cyber anssiadm lun 27/10/2025 - 09:04 Alors que la France célèbre cette année...

Lire la suite »

Qilin Ransomware Combines Linux Payload With BYOVD Exploit in Hybrid Attack

2025-10-27 08:55:00
The ransomware group known as Qilin (aka Agenda, Gold Feather, and Water Galura) has claimed more than 40 victims every month since the start of 2025, barring January, with the number of postings on its...

Lire la suite »

Wordfence blocks 8.7M attacks exploiting old GutenKit and Hunk Companion flaws

2025-10-27 08:40:05
Hackers exploited old RCE flaws in WordPress GutenKit and Hunk Companion plugins. Wordfence firm blocked 8.7M attacks in two days. In September and October 2024, submissions revealed Arbitrary Plugin...

Lire la suite »

AI Parsing of Commercial Proposals: How to Accelerate Proposal Processing and Win Clients

2025-10-27 08:18:22
In 2025, many organizations still rely on manual processing of B2B proposals. Managers spend hours extracting line items, prices, and delivery terms instead of actually talking to customers. AI systems...

Lire la suite »

ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands

2025-10-27 07:29:00
The newly released OpenAI ChatGPT Atlas web browser has been found to be susceptible to a prompt injection attack where its omnibox can be jailbroken by disguising a malicious prompt as a seemingly harmless...

Lire la suite »

A week in security (October 20 – October 26)

2025-10-27 07:15:00
A list of topics we covered in the week of October 20 to October 26 of 2025

Lire la suite »

The TechBeat: The Day the Cloud Cracked: AWS Outage Exposes Fragility of Centralized Internet (10/27/2025)

2025-10-27 06:11:05
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

Lire la suite »

GetBlock Launches 50% Discount Program for BlastAPI Users as Platform Shuts Down

2025-10-27 05:09:23
BlastAPI is shutting down on October 31, 2025. Therefore, GetBlock steps in with a limited‑time migration program offering up to  50% off shared RPC node subscriptions. New users can use promo...

Lire la suite »

Code Smell 312 - You Put Multiple Assertions in One Test, Making Failures Hard to Analyze

2025-10-27 05:04:42
You put multiple assertions in one test, making failures hard to analyze.

Lire la suite »

From 50 Pages of Handwritten Notes to a Digital Manuscript with Python and AI

2025-10-27 04:51:33
Apple's HEIC (High-Efficiency Image Container) is great for saving space, but not so great for compatibility. Many APIs and libraries are optimized for older, more universal formats like JPEG. The beauty...

Lire la suite »

Building a Newsletter Prompt That Actually Converts

2025-10-27 04:51:18
I spent six months trying to crack email marketing. My open rates hovered around 18%. Click-through rates barely hit 2%. I read every "expert guide" out there. I even hired a freelance copywriter. Nothing...

Lire la suite »

Never Miss a Streaming Release: Building a Passion Project After a Traffic Collapse

2025-10-27 04:51:16
Deindexed, rebranded, relaunched. Bingebase combines clean calendars, AI-checked dates, and email alerts—turning a programmatic-SEO mistake into a product people return to

Lire la suite »

AI Agents to Discover Drugs

2025-10-27 04:49:11
A synthetic, cross-disciplinary team of AI agents to solve drug discovery problems. The code is written in Python. The goal is to create a team of three specialized agents to tackle a drug discovery problem....

Lire la suite »

Building a TikTok Hook Generator Prompt That Actually Works

2025-10-27 04:47:34
TikTok's algorithm is unforgiving, so a good prompt needs to be. The prompt is structured in layers: Role Definition, Input, Output, Quality Standards, and Industry Examples.

Lire la suite »

Private by Design: Why Confidentiality Is the New Competitive Edge in Web3

2025-10-27 04:46:17
As Web3 evolves, privacy is becoming the foundation for institutional adoption. Advances in zero-knowledge proofs and modular privacy layers now make it possible to protect data while proving compliance....

Lire la suite »

Mem3nt0 mori – The Hacking Team is back!

2025-10-27 03:00:20
Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

Lire la suite »

MyVidster (2025) - 3,864,364 breached accounts

2025-10-27 02:40:29
In October 2025, the data of almost 4M MyVidster users was posted to a public hacking forum. Separate to the 2015 breach, this incident exposed usernames, email addresses and in a small number of cases,...

Lire la suite »

Vulnérabilité dans les produits Belden (27 octobre 2025)

27/10/2025
Une vulnérabilité a été découverte dans les produits Belden. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Lire la suite »

Vulnérabilité dans le pilote ODBC de MongoDB (27 octobre 2025)

27/10/2025
Une vulnérabilité a été découverte dans le pilote ODBC de MongoDB. Elle permet à un attaquant de provoquer une élévation de privilèges.

Lire la suite »

Vulnérabilité dans Xen (27 octobre 2025)

27/10/2025
Une vulnérabilité a été découverte dans Xen. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.

Lire la suite »

Vulnérabilité dans Microsoft Configuration Manager (27 octobre 2025)

27/10/2025
Une vulnérabilité a été découverte dans Microsoft Configuration Manager. Elle permet à un attaquant de provoquer une élévation de privilèges.

Lire la suite »

Vulnérabilité dans le client VPN de TheGreenBow (27 octobre 2025)

27/10/2025
Une vulnérabilité a été découverte dans le client VPN de TheGreenBow. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.

Lire la suite »

Vulnérabilité dans Microsoft Windows Server Update Service (27 octobre 2025)

27/10/2025
Une vulnérabilité a été découverte dans Microsoft Windows Server Update Service. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance. L'éditeur a publié un nouveau...

Lire la suite »