Toute l'actualité de la Cybersécurité
New Mirai Botnet Variant ‘Broadside' Actively Attacking Users in the Wild
2025-12-09 10:50:15
A sophisticated new variant of the Mirai botnet, named “Broadside,” has emerged as an active threat targeting maritime shipping companies and vessel operators. The malware exploits a critical...
Microsoft Copilot Disruption in the UK: Users Face Access Issues and Degraded Features
2025-12-09 10:30:10
Microsoft 365 services encountered a snag today, leaving users in the United Kingdom struggling to access Microsoft Copilot or experiencing reduced functionality in key features. The outage, flagged on...
{ Tribune Expert } – L'évolution du risque interne
2025-12-09 10:08:36
À mesure que les adversaires utilisent des sites de confiance pour se dissimuler à la vue de tous, ils se connectent plutôt que de « pirater » leur accès aux organisations.
The post { Tribune Expert...
Polish Police arrest 3 Ukrainians for possessing advanced hacking tools
2025-12-09 10:03:42
Poland arrested three Ukrainian nationals accused of using hacking devices to target IT systems and obtain sensitive defense-related data. Polish police arrested three Ukrainian nationals for allegedly...
AI-Powered Free Security-Audit Checklist for 2026 – ISO 27001, SOC 2, NIST, NIS 2 and GDPR Compliance
2025-12-09 10:00:15
In many companies, audit preparation in 2025 still feels like 2005: Excel lists, scattered evidence, copy & paste from old answers, long coordination loops. At the same time, requirements are increasing...
STAC6565 Targets Canada in 80% of Attacks as Gold Blade Deploys QWCrypt Ransomware
2025-12-09 09:35:00
Canadian organizations have emerged as the focus of a targeted cyber campaign orchestrated by a threat activity cluster known as STAC6565.
Cybersecurity company Sophos said it investigated almost 40 intrusions...
Vade acquis par Proofpoint : Bercy valide sans répondre aux inquiétudes
2025-12-09 09:31:53
En contrepartie d'engagements portant essentiellement sur l'emploi, la France autorise Proofpoint à mettre - indirectement - la main sur Vade.
The post Vade acquis par Proofpoint : Bercy valide sans...
Authorities Arrested Hackers With Specialized FLIPPER Hacking Equipment Used to Attack IT Systems
2025-12-09 09:30:29
Authorities in Warsaw have arrested three suspected hackers found carrying specialized FLIPPER hacking equipment. Other tools are allegedly intended to attack IT and telecommunications systems. The suspects,...
Zimperium découvre un nouveau variant plus sophistiqué du spyware ClayRat
2025-12-09 09:21:24
zLabs, la division de recherche de Zimperium annonce la découverte d'une variante nettement plus sophistiquée de ClayRat, une famille de spyware Android, présentée dans le rapport d'octobre 2025...
Operation FrostBeacon Attacking Finance and Legal Departments with Cobalt Strike Malware
2025-12-09 09:00:19
A sophisticated malware campaign has emerged targeting financial and legal sectors in the Russian Federation, delivering the notorious Cobalt Strike remote access tool to organizations handling sensitive...
Axis acquiert FF Group pour enrichir ses caméras de surveillance
2025-12-09 08:53:49
Axis Communications, le fabricant de caméras de vidéosurveillance vient d’acquérir FF Group, un éditeur tchèque (...)
Notifications Apple : le CERT-FR alerte sur l'espionnage
2025-12-09 08:47:18
Depuis 2021, Apple prévient certaines cibles d'opérations de surveillance sophistiquées. Le CERT-FR vient de lancer une recherche auprés de français impactés....
New Multi-stage JS#SMUGGLER Malware Attack Delivers ‘NetSupport RAT' to Gain Full System Control
2025-12-09 08:25:36
A new malware campaign using multiple attack stages has been discovered that delivers NetSupport RAT through hidden web-based redirects and obfuscated code. The attack unfolds in three stages, starting...
CISA Warns of D-Link Routers Buffer Overflow Vulnerability Exploited in Attacks
2025-12-09 08:20:51
A critical buffer overflow vulnerability affecting D-Link routers has been added to the CISA catalog of Known Exploited Vulnerabilities, indicating active exploitation in the wild. The flaw, tracked as...
Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data
2025-12-09 08:07:00
Cybersecurity researchers have discovered two new extensions on Microsoft Visual Studio Code (VS Code) Marketplace that are designed to infect developer machines with stealer malware.
The VS Code extensions...
SAP Security Patch Day: Fix for Critical Vulnerabilities in SAP Solution Manager, NetWeaver, and Other Products
2025-12-09 07:54:02
SAP released 14 new security notes on its monthly Security Patch Day on December 9, 2025, addressing vulnerabilities across key products, including SAP Solution Manager, NetWeaver, Commerce Cloud, and...
USN-7916-1: python-apt vulnerability
2025-12-09 06:41:41
Julian Andres Klode discovered that python-apt incorrectly handled
deb822 configuration files. An attacker could use this issue to cause
python-apt to crash, resulting in a denial of service.
Burp Suite's Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities
2025-12-09 06:27:24
PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and...
USN-7412-3: GnuPG vulnerability
2025-12-09 05:14:53
USN-7412-1 fixed a vulnerability in GnuPG. This update provides the
corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that GnuPG incorrectly...
AIs Quiet Move Into the Linux Kernel Raises New Linux Kernel Security Questions
2025-12-09 03:12:59
AI-written patches are starting to land in kernel discussions, and the timing has people watching closely. The code looks ordinary at first glance, yet the review notes keep circling the same point: something...
Fedora 41 ABRT Critical Command Injection Vulnerability Fix CVE-2025-12744
2025-12-09 01:38:40
Fix CVE-2025-12744
Fedora 42: mingw-libpng Important Heap Buffer Overflow Vuln 2025-9d0f04f316
2025-12-09 01:11:17
Update to libpng-1.6.51.
Fedora 43: mingw-libpng Critical Buffer Overflow Advisories 2025-f54c75f2f9
2025-12-09 00:54:28
Update to libpng-1.6.51.
FinCEN data shows .5B in ransomware payments, record spike in 2023
2025-12-09 00:26:49
Ransomware payments reported to FinCEN exceeded .5B by 2024, with 2023 marking a record year at .1B across 1,512 incidents. FinCEN analyzed ransomware trends using Bank Secrecy Act (BSA) reports filed...
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
2025-12-09 00:00:05
Several ransomware groups have been spotted using a packer-as-a-service (PaaS) platform named Shanya to assist in EDR (endpoint detection and response) killing operations. [...]