Toute l'actualité de la Cybersécurité
Alice Blue Partners with AccuKnox for Regulatory Compliance
2025-11-17 20:53:38
Menlo Park, CA, November 17th, 2025, CyberNewsWire.
Princeton University discloses data breach affecting donors, alumni
2025-11-17 19:36:52
A Princeton University database was compromised in a cyberattack on November 10, exposing the personal information of alumni, donors, faculty members, and students. [...]
Dutch police seizes 250 servers used by “bulletproof hosting” service
2025-11-17 19:19:31
The police in the Netherlands have seized around 250 physical servers powering a bulletproof hosting service in the country used exclusively by cybercriminals for providing complete anonymity. [...]
Microsoft mitigated the largest cloud DDoS ever recorded, 15.7 Tbps
2025-11-17 19:13:09
Microsoft says the Aisuru botnet launched a 15.7 Tbps DDoS on Azure from 500k IPs, using massive UDP floods peaking at 3.6 B pps. On October 24, 2025, Azure DDoS Protection detected and mitigated a massive...
Pig-Butchering Scams Operators Scaled Their Operations with The Support of AI-Assistants
2025-11-17 18:24:48
Pig-butchering scams have grown into one of the most damaging global cybercrime threats, causing billions of dollars in losses every year. These long-term investment fraud schemes work by building trust...
The price of ChatGPT's erotic chat? /month and your identity
2025-11-17 17:18:52
This is how surveillance gets normalized: one “safety” feature at a time.
Microsoft: Azure hit by 15 Tbps DDoS attack using 500,000 IP addresses
2025-11-17 17:13:15
Microsoft said today that the Aisuru botnet hit its Azure network with a 15.72 terabits per second (Tbps) DDoS attack, launched from over 500,000 IP addresses. [...]
Collaborative research by Microsoft and NVIDIA on real-time immunity
2025-11-17 17:03:54
Read about Microsoft and NVIDIA joint research on real-time immunity.
The post Collaborative research by Microsoft and NVIDIA on real-time immunity appeared first on Microsoft Security Blog.
Cybersécurité : comment la France prépare la défense de ses données à l'ère quantique
2025-11-17 17:03:28
Depuis longtemps, la physique quantique nourrit la science-fiction. Dans Star Trek, des capitaines utilisent le tunnel quantique et l'intrication pour téléporter des personnages vers des mondes lointains,...
Black Friday : CyberArk appelle à repenser la gestion des identités
2025-11-17 17:01:18
À l'occasion du Black Friday une période de fortes promotions en ligne, CyberArk leader mondial de la sécurité des identités, souhaite alerter sur un enjeu encore trop souvent négligé : la manière...
Endgame Europol : Proofpoint, partenaire déterminant du démantèlement de 1025 Serveurs
2025-11-17 16:58:24
L’Opération Endgame d’Europol vient de marquer un tournant majeur dans la lutte contre la cybercriminalité internationale. Tribune – Coordonnée du 10 au 13 novembre 2025 depuis La...
New EVALUSION ClickFix Campaign Delivers Amatera Stealer and NetSupport RAT
2025-11-17 16:53:00
Cybersecurity researchers have discovered malware campaigns using the now-prevalent ClickFix social engineering tactic to deploy Amatera Stealer and NetSupport RAT.
The activity, observed this month,...
The Ecological Cost of the Digital Revolution
2025-11-17 16:48:36
The digital revolution requires gargantuan levels of electricity consumption to sustain itself, exacerbating an already precarious climate change scenario. The social havoc being wreaked by relentless...
Everest Ransomware Says It Stole Data of Millions of Under Armour Users
2025-11-17 16:46:22
Everest ransomware claims to have breached Under Armour, stealing 343GB of data, including customer info, product records, and internal company files.
DoorDash email spoofing vulnerability sparks messy disclosure dispute
2025-11-17 16:32:09
A vulnerability in DoorDash's systems could allow anyone to send "official" DoorDash-themed emails right from company's authorized servers, paving a near-perfect phishing channel. DoorDash has now patched...
C'est inédit : une IA a planifié, exécuté et documenté une cyberattaque, les experts parlent d'un tournant
2025-11-17 16:18:06
Alors que l'intelligence artificielle s'impose dans la cybersécurité, Anthropic révèle la première campagne de cyberespionnage menée presque entièrement par une IA. Des hackers auraient détourné...
Pajemploi piraté, 1,2 million de données de salariés volées
2025-11-17 16:14:52
Après le piratage massif de France Travail, un autre service public a été pris pour cible par les pirates : Pajemploi. Ce service (...)
The HackerNoon Newsletter: Can ChatGPT Outperform the Market? Week 16 (11/17/2025)
2025-11-17 16:01:53
How are you, hacker?
🪐 What's happening in tech today, November 17, 2025?
The
HackerNoon Newsletter
brings the HackerNoon
...
The Evolving Role of Technical Leadership in the Age of AI: Rise of the Hybrid Leader
2025-11-17 16:01:35
As AI automates traditional management tasks, the classic process-driven technical leader is becoming obsolete. Mitesh Sinha's research highlights the rise of the “hybrid leader”—professionals...
Meet Catchpoint: HackerNoon Company of the Week
2025-11-17 16:00:07
This week, HackerNoon features Catchpoint, the internet performance monitoring platform used by Google, LinkedIn, Tencent, and many, many more!
Frentree Partners with AccuKnox to Expand Zero Trust CNAPP Security in South Korea
2025-11-17 13:45:43
Menlo Park, California, USA, 17th November 2025, CyberNewsWire
Can ChatGPT Outperform the Market? Week 16
2025-11-17 16:00:00
Another losing streak..
Pennsylvania AG confirms data breach after INC Ransom attack
2025-11-17 15:57:48
The office of Pennsylvania's attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information. [...]
Revolutionizing Supply Chain Efficiency: Nitin Agarwal's PreCheck AI Yard Check-In Camera System
2025-11-17 15:56:59
Nitin Agarwal revolutionized logistics with the PreCheck AI Yard Check-In System, replacing slow, error-prone manual truck entry with automated computer vision, OCR, and real-time WMS/YMS integration....
Your coworker is tired of AI “workslop” (Lock and Code S06E23)
2025-11-17 15:44:24
This week on the Lock and Code podcast, we speak with Dr. Kristina Rapuano about AI "workslop" and its impact on people and their attitudes.
Cursor Issue Paves Way for Credential-Stealing Attacks
2025-11-17 15:42:38
Researchers discovered a security weakness in the AI-powered coding tool that allows malicious MCP server to hijack Cursor's internal browser.
The Best PR Agencies Who Help Brands Show Up in Generative Search
2025-11-17 15:25:33
Generative search has become the new front door for brand discovery. ChatGPT, Gemini, Claude, and Perplexity now shape how buyers find companies. This guide breaks down the firms most commonly recommended...
Why DynamoDB Costs Explode
2025-11-17 15:00:00
DynamoDB's per-operation billing model hides costly pitfalls: rounded-up reads/writes, global table replication, DAX caching, and auto-scaling inefficiencies. Real-world cases show costs ballooning...
12 Best Web Scraping APIs in 2025
2025-11-17 14:59:59
Web scraping APIs have replaced traditional scrapers by automating proxies, browser emulation, and anti-bot evasion. This guide reviews the top 12 APIs of 2025—Oxylabs, Decodo, ScrapingBee, Zyte, Bright...
Microsoft: Windows bug blocks Microsoft 365 desktop app installs
2025-11-17 14:54:31
Microsoft is working to resolve a known issue preventing users from installing the Microsoft 365 desktop apps on Windows devices. [...]
Google relance Cameyo dans Chrome Enterprise
2025-11-17 14:51:27
Un an et demi après l'acquisition de Cameyo, Google rend la plateforme de virtualisation d'applications accessible à tous les utilisateurs (...)
Apple accélère la préparation de l'après Tim Cook
2025-11-17 14:50:36
Apple multiplie les discussions autour de la succession de son CEO, possiblement dès 2026. John Ternus, patron de l'ingénierie matérielle, apparaît comme le favori.
The post Apple accélère la préparation...
Avec La Tech pour Toutes, l'école 42 renouvelle son soutien à la mixité IT
2025-11-17 14:40:27
Dans la foulée de ses piscines Discovery, l’école d’informatique 42 poursuit son engagement en faveur de la mixité IT (...)
Jaguar Land Rover confirms major disruption and £196M cost from September cyberattack
2025-11-17 14:37:23
Jaguar Land Rover says the September 2025 cyberattack halted production, led to data theft, and cost £196M in the quarter. Jaguar Land Rover reported that a September 2025 cyberattack, claimed by Scattered...
Messari's Coverage Spotlights ChatAndBuild's Game-Changing Non-Fungible Agent Economy
2025-11-17 14:29:59
Messari's new report highlights ChatAndBuild's rise as it transforms NFTs into intelligent, auditable agents under the BAP-578 standard. With 150k+ users, major partnerships, and cross-chain plans,...
Gestion des actifs numériques : la GenAI ne rend pas les prix plus lisibles
2025-11-17 14:19:39
L'intégration de GenAI dans les solutions de gestion des actifs numériques ajoute à la complexité des tarifications.
The post Gestion des actifs numériques : la GenAI ne rend pas les prix plus lisibles...
TaskHound Tool – Detects Windows Scheduled Tasks Running with Elevated Privileges and Stored Credentials
2025-11-17 14:19:37
A new open-source security tool, TaskHound, helps penetration testers and security professionals identify high-risk Windows scheduled tasks that could expose systems to attacks. The tool automatically...
Scammers are sending bogus copyright warnings to steal your X login
2025-11-17 13:57:19
A copyright violation sounds serious, so cybercriminals are faking messages from the DMCA to lure you into handing over your X credentials.
Official 2026 Cybersecurity Market Report: Predictions And Statistics
2025-11-17 13:38:03
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Nov. 17, 2025 – Read the full report The imperative to protect increasingly digitized businesses, governments,...
EchoGram Flaw Bypasses Guardrails in Major LLMs
2025-11-17 13:20:46
HiddenLayer reveals the EchoGram vulnerability, which bypasses safety guardrails on GPT-5.1 and other major LLMs, giving security teams just a 3-month head start.
Hackers Leverages Microsoft Entra Tenant Invitations to Launch TOAD Attacks
2025-11-17 13:06:03
A new phishing campaign has emerged that weaponizes Microsoft Entra guest user invitations to deceive recipients into making phone calls to attackers posing as Microsoft support. The attack leverages...
CISA Warns of Fortinet FortiWeb WAF Vulnerability Exploited in the Wild to Gain Admin Access
2025-11-17 13:02:10
CISA has issued an urgent alert about a critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF), actively exploited by threat actors to seize administrative control of affected...
I Tested “Spiritual Technology” on My Genes and Discovered a Deception Detector
2025-11-17 12:41:01
David R. Hawkins' book is half spiritual guidebook, half philosophical treatise, and half scientific claim. He claims to have discovered a way to objectively distinguish truth from falsehood using nothing...
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More
2025-11-17 12:34:00
This week showed just how fast things can go wrong when no one's watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage...
EVALUSION Campaign Using ClickFix Technique to deploy Amatera Stealer and NetSupport RAT
2025-11-17 12:32:42
In November 2025, a new malware campaign emerged that combines social engineering tricks with advanced stealing tools. The attack starts when criminals trick users into running commands through the Windows...
Critical RCE Vulnerabilities in AI Inference Engines Exposes Meta, Nvidia and Microsoft Frameworks
2025-11-17 12:27:02
As artificial intelligence infrastructure rapidly expands, critical security flaws threaten the backbone of enterprise AI deployments. Security researchers at Oligo Security have uncovered a series of...
Iranian SpearSpecter Attacking High-Value Officials Using Personalized Social Engineering Tactics
2025-11-17 12:03:04
A dangerous espionage campaign is targeting senior government and defense officials worldwide. Iranian hackers are using fake conference invitations and meeting requests to trick victims. The attackers...
Building with AI: How Val Garnaga Is Advancing Medical Intelligence at Suki
2025-11-17 12:00:03
This interview dives into Val Garnaga's journey from early neural network research to leading Suki AI's machine learning platform and pioneering quantum-classical hybrid models for medical diagnostics....
5 Reasons Why Attackers Are Phishing Over LinkedIn
2025-11-17 11:55:00
Phishing attacks are no longer confined to the email inbox, with 1 in 3 phishing attacks now taking place over non-email channels like social media, search engines, and messaging apps.
LinkedIn in particular...
Dragon Breath Uses RONINGLOADER to Disable Security Tools and Deploy Gh0st RAT
2025-11-17 11:20:00
The threat actor known as Dragon Breath has been observed making use of a multi-stage loader codenamed RONINGLOADER to deliver a modified variant of a remote access trojan called Gh0st RAT.
The campaign,...
New MobileGestalt Exploit for iOS 26.0.1 Enables Unauthorized Writes to Protected Data
2025-11-17 11:11:07
A sandbox escape vulnerability affecting iPhones and iPads running iOS 16.2 beta 1 or earlier versions. The proof-of-concept (POC) exploits weaknesses in the itunesstored and bookassetd daemons, enabling...
Researchers Detailed Techniques to Detect Outlook NotDoor Backdoor Malware
2025-11-17 11:03:53
Outlook NotDoor backdoor malware first appeared in threat campaigns identified by Lab52, the intelligence arm of Spanish firm S2 Grupo. Linked to APT28/Fancy Bear, NotDoor leverages malicious Outlook...
North Korean threat actors use JSON sites to deliver malware via trojanized code
2025-11-17 10:53:41
North Korean Contagious Interview actors now host malware on JSON storage sites to deliver trojanized code projects, NVISO reports. North Korea-linked actors behind the Contagious Interview campaign have...
Focus sur Private Discuss, une solution française collaborative sécurisée
2025-11-17 09:50:46
Dans un contexte où la souveraineté numérique et la protection des données prennent une importance croissante, plusieurs éditeurs (...)
Akira : l'évolution d'un ransomware qui chiffre jusqu'aux VM Nutanix
2025-11-17 09:45:20
À un an et demi d'intervalle, la CISA a actualisé son bulletin relatif au ransomware Akira. Les techniques ont évolué, les cibles aussi.
The post Akira : l’évolution d’un ransomware qui...
L'IA sert à adapter automatiquement un malware
2025-11-17 09:28:17
Dans un dernier rapport, l'équipe de chercheurs en sécurité de Google (GTIG) a établi que des pirates ont utilisé (...)
LSN-0116-1: Kernel Live Patch Security Notice
2025-11-17 08:52:30
In the Linux kernel, the following vulnerability has been
resolved: net: atlantic: eliminate double free in error handling logic
Driver has a logic leak in ring data allocation/free, where aq_ring_free
could...
openSUSE: Kernel Important Security Update 2025:4111-1 173 Issues Fixed
2025-11-17 08:33:09
An update that solves 173 vulnerabilities, contains two features and has 19 security fixes can now be installed.
SUSE Security Update 2025:4111-1 Addresses Critical CVE Threats in Kernel
2025-11-17 08:33:08
* bsc#1065729 * bsc#1205128 * bsc#1206893 * bsc#1207612 * bsc#1207619
openSUSE Leap 15.3: openssh Moderate Threat Update 2025:4112-1
2025-11-17 08:30:23
An update that solves two vulnerabilities can now be installed.
openSUSE: openssh Moderate Code Execution Fix CVE-2025-61984 2025:4112-1
2025-11-17 08:30:22
* bsc#1251198 * bsc#1251199 Cross-References: * CVE-2025-61984
Fedora: libxml2 Critical Stack Overflow Issue 2025:5116-2
2025-11-17 08:30:15
An update that solves two vulnerabilities can now be installed.
SUSE: libxml2 Moderate Risk of Infinite Recursion - Advisory 2025:4115-1
2025-11-17 08:30:14
* bsc#1247850 * bsc#1249076 Cross-References: * CVE-2025-8732
RondoDox expands botnet by exploiting XWiki RCE bug left unpatched since February 2025
2025-11-17 08:04:19
RondoDox botnet exploits unpatched XWiki flaw CVE-2025-24893 to gain RCE and infect more servers, despite fixes released in February 2025. RondoDox is targeting unpatched XWiki servers via critical RCE...
A week in security (November 10 – November 16)
2025-11-17 08:02:00
A list of topics we covered in the week of November 10 to November 16 of 2025
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
2025-11-17 06:02:00
Google has disclosed that the company's continued adoption of the Rust programming language in Android has resulted in the number of memory safety vulnerabilities falling below 20% of total vulnerabilities...
AIPAC Discloses Data Breach, Says Hundreds Affected
2025-11-17 01:23:58
AIPAC reports data breach after external system access, hundreds affected, investigation ongoing with added security steps.
List of 10 new domains
2025-11-17 00:00:00
.fr caisse-dep[.fr] (registrar: Hostinger operations UAB)
comissairejustice[.fr] (registrar: KEY-SYSTEMS GmbH)
dpd-suivi[.fr] (registrar: IONOS SE)
geodis-idf[.fr] (registrar: IONOS SE)
glloball-transit[.fr]...
Multiples vulnérabilités dans les produits NetApp (17 novembre 2025)
17/11/2025
De multiples vulnérabilités ont été découvertes dans les produits NetApp. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité...
Multiples vulnérabilités dans Mozilla Thunderbird (17 novembre 2025)
17/11/2025
De multiples vulnérabilités ont été découvertes dans Mozilla Thunderbird. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un contournement...
Multiples vulnérabilités dans Mattermost Server (17 novembre 2025)
17/11/2025
De multiples vulnérabilités ont été découvertes dans Mattermost Server. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.