Toute l'actualité de la Cybersécurité


Ingram Micro outage caused by SafePay ransomware attack

2025-07-05 15:58:49
An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned. [...]

Lire la suite »

“CitrixBleed 2” Vulnerability PoC Released – Warns of Potential Widespread Exploitation

2025-07-05 13:39:40
Critical flaw in Citrix NetScaler devices echoes infamous 2023 security breach that crippled major organizations worldwide. The new critical vulnerability in Citrix NetScaler devices has security experts...

Lire la suite »

Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure

2025-07-05 12:37:24
Russian Federal Security Service (FSB) officers have detained two hackers in Siberia who conducted cyberattacks on critical infrastructure facilities under direct orders from Ukrainian intelligence services....

Lire la suite »

Threat Actors Turning Job Offers Into Traps, Over 4 Million Lost in 2024 Alone

2025-07-05 12:18:58
Cybercriminals are exploiting the economic uncertainty and remote work trends to orchestrate sophisticated employment fraud schemes, with victims losing over 4 million in 2024 alone according to FBI...

Lire la suite »

Instagram Started Using 1-Week Validity TLS Certificates and Changes Them Daily

2025-07-05 12:18:56
Instagram has adopted an unprecedented approach to web security by implementing daily rotation of TLS certificates that maintain validity periods of just one week, according to a recent technical analysis. ...

Lire la suite »

Writable File in Lenovo's Windows Directory Enables a Stealthy AppLocker Bypass

2025-07-05 12:07:59
A significant security vulnerability has been discovered in Lenovo’s preloaded Windows operating systems, where a writable file in the Windows directory enables attackers to bypass Microsoft’s...

Lire la suite »

New Phishing Attack Impersonates as DWP Attacking Users to Steal Credit Card Data

2025-07-05 11:56:58
A sophisticated phishing campaign targeting UK citizens has emerged, masquerading as official communications from the Department for Work and Pensions (DWP) to steal sensitive financial information. The...

Lire la suite »

XWorm – The Most Active RAT Uses New Stagers and Loaders to Bypass Defenses

2025-07-05 11:29:35
XWorm has emerged as one of the most versatile and actively distributed remote access trojans in the current threat landscape, establishing itself as a formidable tool in cybercriminals’ arsenals....

Lire la suite »

Threat Actors Abused AV – EDR Evasion Framework In-The-Wild to Deploy Malware Payloads

2025-07-05 11:03:36
Cybersecurity researchers have uncovered a concerning development as malicious actors began exploiting SHELLTER, a commercial anti-virus and endpoint detection response (EDR) evasion framework, to deploy...

Lire la suite »

How Digital Executive Protection Shields Top Leaders from Modern Threats

2025-07-05 10:57:07
Cybersecurity threats have emerged so quickly that most companies struggle to keep up and executives are often the…

Lire la suite »

Scattered Spider Upgraded Their Tactics to Abuse Legitimate Tools to Evade Detection and Maintain Persistence

2025-07-05 09:44:43
The cybercriminal group known as Scattered Spider has significantly evolved its attack methodologies, demonstrating alarming sophistication in exploiting legitimate administrative tools to maintain persistent...

Lire la suite »

Hackers Exploit Legitimate Inno Setup Installer to Use as a Malware Delivery Vehicle

2025-07-05 08:34:02
Cybercriminals have increasingly turned to legitimate software installation frameworks as vehicles for malware distribution, with Inno Setup emerging as a preferred tool for threat actors seeking to bypass...

Lire la suite »

The TechBeat: AI Security Posture Management (AISPM): How to Handle AI Agent Security (7/5/2025)

2025-07-05 06:10:55
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

Lire la suite »

Web Monitoring Tools For OSINT Investigation

2025-07-05 02:46:58
must-have tools for OSINT investigatorsContinue reading on InfoSec Write-ups »

Lire la suite »

The Password I Never Reset — And Still Got In

2025-07-05 02:46:50
😶 The Password I Never Reset — And Still Got In“Wait… I didn't even set a new password. How am I inside the account?”That's not how it's supposed to work… right?But that's exactly...

Lire la suite »

Just Wanted to Be a Driver, Ended Up Discovering a Time Capsule

2025-07-05 02:46:44
I just wanted to hustle and make some side cash. Instead, I unearthed a digital fossil from the Yahoo era.Continue reading on InfoSec Write-ups »

Lire la suite »

Behind the Scenes: How Pre-Prod Leaks Led Me to Prod Secrets

2025-07-05 02:46:37
Hey there!😁Continue reading on InfoSec Write-ups »

Lire la suite »

Why Multi-Factor Authentication Still Isn't Enough

2025-07-05 02:46:30
Last month, a company got breached. The attackers waltzed through their systems like they owned the place. Every single user had…Continue reading on InfoSec Write-ups »

Lire la suite »

The Rise of Ransomware-as-a-Service

2025-07-05 02:46:24
How cybercriminals transformed from lone wolves into organized crime syndicatesContinue reading on InfoSec Write-ups »

Lire la suite »

Quantum Computing vs. Current Encryption: The Ticking Time Bomb

2025-07-05 02:46:18
The cryptographic foundation of our digital world is about to crumble.Continue reading on InfoSec Write-ups »

Lire la suite »

Incident Response: What It Really Means

2025-07-05 02:46:12
Before we dive into the step-by-step of incident response, let’s get one thing straight:  Not every little glitch or ping deserves to be…Continue reading on InfoSec Write-ups »

Lire la suite »

,000 Bounty: Breaking Capability Enforcement in CosmWasm Contracts

2025-07-05 02:46:04
How One Line of Compiler Code Let Attackers Execute Unauthorized Actions on Restricted ChainsContinue reading on InfoSec Write-ups »

Lire la suite »

Enumerating Subdomains With Python

2025-07-05 02:45:57
Source: https://www.ceeyu.io/resources/blog/subdomain-enumeration-tools-and-techniquesIntroductionSubdomain enumeration is a critical reconnaissance phase in security assessments that involves systematically...

Lire la suite »

Fedora 41: FEDORA-2025-d3dee9f37d critical: yarnpkg pbkdf2 library fix

2025-07-05 01:46:06
Update bundled pbkdf2 library.

Lire la suite »