Toute l'actualité de la Cybersécurité
SecurityMetrics Wins Most Promising SMB Cybersecurity Award from Cyber Defense Magazine
2026-06-02 15:59:59
SecurityMetrics has won an award for their tool, Shopping Cart Monitor (SCM) which helps SMBs strengthen their cybersecurity posture and defend against e-commerce threats.
The Hidden Cost of Compute: Why We're Building the Wrong AI Infrastructure
2026-06-02 15:54:51
to be deleted
Instagram users locked out after Meta AI abused to steal accounts
2026-06-02 15:47:33
Multiple Instagram users had their accounts hijacked after attackers convinced Meta's AI-powered support tools that they were the legitimate owners. [...]
Halo Security Honored with 2026 MSP Today Product of the Year Award
2026-06-02 12:00:17
Miami Beach, FL, USA, 2nd June 2026, CyberNewswire
U.S. CISA adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog
2026-06-02 15:18:52
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added...
Hackers Abused Meta's AI Support Bot to Hijack Major Instagram Accounts
2026-06-02 14:58:17
Hackers abused Meta's AI support bot to hijack major Instagram accounts, bypassing security checks as videos showed the flaw before Meta fixed the issue.
USN-8371-1: Linux kernel vulnerabilities
2026-06-02 14:46:10
It was discovered that the Linux kernel did not properly handle shared page
fragments during socket buffer operations, collectively known as Dirty
Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem...
PC Workman Earns a 58 Proof of Usefulness Score by Building a Real-Time System Monitor That Explains Why Your PC Is Slow
2026-06-02 14:40:31
PC Workman is a Windows system-monitoring and optimization tool that uses a local AI assistant, hck_GPT, to explain system behavior in plain language rather than simply displaying hardware statistics....
CISA Warns of Two-Year-Old Oracle WebLogic Server Vulnerability Exploited in Attacks
2026-06-02 14:31:57
CISA has issued a fresh warning highlighting active exploitation of a critical Oracle WebLogic Server vulnerability, tracked as CVE-2024-21182, adding it to its Known Exploited Vulnerabilities (KEV) catalog...
Why the browser is now the front line for AI security
2026-06-02 14:30:40
AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI governance....
Critical KMW CCTV Vulnerability Let Attackers Gain Unauthorized Access to Camera Feeds
2026-06-02 14:27:38
A critical security flaw in KMW CCTV security cameras could allow attackers to gain full, unauthorized access to live camera feeds and device settings. The vulnerability, tracked as CVE-2026-5386, has...
Assistants de codage : au régime agentique, un autre paysage concurrentiel
2026-06-02 14:18:50
Sous le prisme agentique, la dynamique concurrentielle du marché des assistants de codage évoluent... au désavantage des hyperscalers face aux fournisseurs de modèles de fondation.
The post Assistants...
Anthropic Expands Project Glasswing Claude Mythos Preview to 150 New Organizations
2026-06-02 14:17:39
Anthropic has significantly broadened the reach of Project Glasswing, its collaborative AI-driven cybersecurity initiative, by extending access to Claude Mythos Preview to approximately 150 new organizations....
Your AI Vendor's "Zero Training" Promise Doesn't Mean What You Think
2026-06-02 14:15:55
This article argues that enterprise buyers frequently misunderstand AI vendors' "we do not train on your data" commitments. While such clauses typically prevent customer data from being used to train...
The TechBeat: Nobody Told Me Securing APIs Was My Problem in OutSystems (6/2/2026)
2026-06-02 14:01:16
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here.
...
359 Blog Posts To Learn About Innovation
2026-06-02 14:00:49
Let's learn about Innovation via these 359 free blog posts. They are ordered by HackerNoon reader engagement data. Visit the Learn Repo or LearnRepo.com to find the most read blog posts about any technology.
“If...
Oracle livre ses premiers correctifs de sécurité mensuels
2026-06-02 13:53:29
Comme prévu, Oracle a publié ses premiers correctifs de sécurité dans le cadre de son nouveau cycle mensuel de mises à (...)
USN-8370-1: Linux kernel vulnerabilities
2026-06-02 13:52:18
It was discovered that the Linux kernel did not properly handle shared page
fragments during socket buffer operations, collectively known as Dirty
Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem...
CISA Flags Palo Alto Networks PAN-OS Vulnerability as Exploited in Attacks
2026-06-02 13:48:15
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Palo Alto Networks PAN-OS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw...
Microsoft MSRC Allegedly Dismissed Dependency Confusion Vulnerability, Claims Researcher
2026-06-02 13:45:05
A dependency confusion vulnerability affecting Microsoft’s Azure Portal after the Microsoft Security Response Center (MSRC) closed the case, claiming the confirmed remote code execution evidence...
Mustang Panda Deploys PlugX RAT Through Multi-Stage LNK and PowerShell Attack Chain
2026-06-02 13:43:29
A well-known Chinese state-sponsored threat group called Mustang Panda has been caught running a sophisticated cyberattack campaign using its signature remote access tool, PlugX. The group used a cleverly...
Modern iOS Networking Beyond REST APIs
2026-06-02 13:42:49
Modern iOS networking has evolved far beyond traditional REST APIs. Technologies such as HTTP/3, WebSockets, GraphQL, gRPC, QUIC, and Network.framework are reshaping how iOS applications handle real-time...
Tech Boost'her oriente les femmes vers les métiers IT et industriels
2026-06-02 13:38:05
Malgré les actions lancées en faveur de la féminisation dans l’IT, force est de constater que la mixité n’a pas significativement (...)
Hackers Use 34 Malicious Packages to Steal Cloud Keys, Wallets, and SSH Credentials
2026-06-02 13:35:16
Hackers have planted 34 malicious packages across three major open-source ecosystems, quietly stealing cloud credentials, SSH keys, and blockchain wallet data from developers who never suspected a thing....
I Built an AI-Assisted Data Quality Layer for Operations Dashboards
2026-06-02 13:33:39
This article proposes an AI-assisted data quality layer that sits between raw data sources and business dashboards. Combining schema validation, business-rule enforcement, anomaly detection, severity...
How to Steer an AI's Decision Without Touching It
2026-06-02 13:32:40
AI agents can be quietly influenced by what they read before making a decision. In tests, biased feeds pushed smaller models toward planted choices, including risky security decisions. Stronger models...
SolyxImmortal Python Malware Steals Browser Passwords, Cookies, Files, and Keystrokes
2026-06-02 13:30:30
A new Python-based malware called SolyxImmortal has been found quietly stealing browser passwords, cookies, sensitive files, and keystrokes from infected Windows systems. The malware uses well-known Python...
Anthropic file vers une IPO à plus de 1 000 milliards $
2026-06-02 13:23:30
Anthropic a déposé confidentiellement son dossier auprès du gendarme boursier américain. Une course de vitesse s'engage avec OpenAI et SpaceX.
The post Anthropic file vers une IPO à plus de 1 000...
Plusieurs distributions Linux vulnérables à la faille CIFSwitch
2026-06-02 13:23:11
Après Copy Fail et Dirty Frag, une autre faille menace les environnements Linux. La CVE-2026-46243, baptisée CIFSwitch est restée (...)
How to Move a Magento Store to Hyvä Without Breaking Everything
2026-06-02 13:19:20
Magento's default Luma theme is slow — RequireJS, jQuery, and Knockout drag mobile performance down. Hyvä rebuilds the storefront on Tailwind +
Alpine.js for big Core Web Vitals gains, but migrating...
USN-8369-1: Apache Tomcat Connectors vulnerability
2026-06-02 13:16:16
It was discovered that Apache Tomcat Connectors used incorrect default
permissions for shared memory on Unix-like systems. A local attacker
could possibly use this issue to view or modify mod_jk configuration
data...
USN-8368-1: libeconf vulnerability
2026-06-02 13:09:17
It was discovered that libeconf did not properly check the size of
input when copying data to a buffer. An attacker could possibly use
this issue to cause libeconf to crash, resulting in a denial of
service....
USN-8367-1: tar-fs vulnerabilities
2026-06-02 13:00:16
It was discovered that tar-fs did not properly limit paths when
extracting crafted tar files. An attacker could possibly use this
issue to write or overwrite files outside the intended extraction
directory....
Claude Down for Users Worldwide as Hundreds Report Service Issues
2026-06-02 12:56:23
Anthropic's popular AI assistant, Claude, experienced a significant disruption today, with users worldwide reporting that both web and code-related services were slow, unstable, or completely unavailable....
ESPN Journalist Dan Wetzel On Matt Weiss Hacking Allegations
2026-06-02 12:55:43
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 2, 2026 – Listen to the podcast In Dec. 2025, ESPN reported that former University of Michigan...
Inside Orbs V5: The B Layer-3 Just Shipped Its Cross-Chain Verification Primitive
2026-06-02 12:53:04
What does on-chain trading infrastructure look like once we stop pretending bridges are a long-term answer?
\
By the Chainalysis mid-year tally for 2025, over .17 billion in crypto was already stolen...
USN-8366-1: Luanti vulnerabilities
2026-06-02 12:48:54
It was discovered that Luanti, when using LuaJIT, did not properly
enforce Lua sandbox restrictions. An attacker could possibly use
this issue to execute arbitrary code. (CVE-2026-40959)
It was discovered...
USN-8365-1: Dovecot vulnerabilities
2026-06-02 12:42:17
It was discovered that Dovecot incorrectly treated some variable expansion
pipelines as safe in authentication filters. An attacker could possibly use
this issue to perform SQL or LDAP injection attacks....
USN-8364-1: Apache Commons Lang vulnerability
2026-06-02 12:42:11
It was discovered that Apache Commons Lang incorrectly handled recursion
in the ClassUtils.getClass method. An attacker could possibly use this
issue to cause Apache Commons Lang to crash, resulting in...
CISA flags two-year-old Oracle flaw as actively exploited in attacks
2026-06-02 12:40:33
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. [...]
New WordPress Malware Uses Steam Profile Comments to Hide C2 Instructions
2026-06-02 12:29:22
GoDaddy researchers found WordPress malware using Steam Community profile comments to hide encoded command and control data, with nearly 1,980 sites affected.
USN-8363-1: MySQL vulnerabilities
2026-06-02 12:24:56
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.46 in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
Ubuntu...
Campus AI : la France se branche sur 3 gigawatts
2026-06-02 12:23:07
Mistral AI, Bpifrance et le fonds émirati MGX ont annoncé l'extension spectaculaire du Campus AI. Un doublement de la mise initiale pour atteindre une capacité de calcul de 3 gigawatts, équivalente...
Intel mise sur l'efficacité énergétique avec ses puces Xeon 6+ et Xe3P
2026-06-02 12:10:22
A l’occasion du salon Computex qui se déroule à Taïwan du 2 au 5 juin, Intel a fait plusieurs annonces pour équiper les (...)
Compete for Over K in the Decentralize AI Hackathon by HackerNoon, Nosana, Arweave, and MEXC
2026-06-02 12:00:36
HackerNoon, Nosana, Arweave, and MEXC have launched the Decentralize AI Hackathon, a two-round competition focused on decentralized AI infrastructure. Participants can compete for more than ,750 in...
Wardriving assessment across Mexico: Preparing for the 2026 World Cup
2026-06-02 12:00:33
In the lead-up to the 2026 FIFA World Cup, Kaspersky GReAT experts conducted a wardriving assessment in Mexico City, Monterrey, and Guadalajara to evaluate Wi-Fi hotspot security configurations and potential...
Beyond Assume-Breach: How AI-Native Security Will Reshape Enterprise Defense
2026-06-02 12:00:00
Twenty years after Dark Reading launched, we're looking ahead at what's next for enterprise security. Spoiler: It's hyper-segmented, AI-orchestrated, and way more sophisticated than your dad's firewall....
AI-Driven Exploitation is Destroying Vulnerability Management. Here's How to Handle It.
2026-06-02 11:58:00
AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise...
Google fixes one actively exploited Android zero-day, 124 flaws
2026-06-02 11:10:15
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]
Cyberattaque contre Dashlane : le gestionnaire de mots de passe verrouille temporairement des comptes
2026-06-02 10:35:56
Dashlane a été visé par une cyberattaque par force brute, qui a provoqué une montagne de tentatives de connexion frauduleuses. Dos au mur, la société française a été obligée de verrouiller temporairement...
How Leading Organizations Are Turning EDR Into Operational Resilience
2026-06-02 10:30:00
Most organizations now recognize that endpoint protection alone is no longer sufficient.
That's why adoption of endpoint detection and response (EDR) has accelerated rapidly in recent years. Organizations...
Optic 2000, Auchan Optique, Atol : les lunetiers français ciblés par une cyberattaque sans précédent
2026-06-02 10:07:53
Quatre grandes enseignes d'optique françaises, plus de 6 millions de clients potentiellement exposés, et une faille si simple qu'elle tient en une ligne d'URL. Le secteur de la santé visuelle vient...
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor
2026-06-02 10:00:31
Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework.
The post Operation FlutterBridge: macOS Malvertising...
23andMe exposed genetic information of millions, lawsuit says
2026-06-02 09:53:19
What began with stolen passwords ended with the exposure of nearly seven million users' DNA-related data, according to California's lawsuit.
Concerts de Céline Dion à Paris : alerte sur les cyberattaques sophistiquées
2026-06-02 09:35:50
Alors que l'engouement pour les concerts de Céline Dion à Paris s'installe durablement, il crée un terreau fertile pour des cyberattaques sophistiquées. Ce contexte de forte demande représente...
Cloud et logiciels : ce que les hausses de prix coûtent à l'économie européenne
2026-06-02 09:19:19
Après avoir chiffré la valeur ajoutée échappant à l'Europe du fait des achats de services cloud et logiciels américains, le cabinet Asterès y donne suite sous l'angle des hausses tarifaires.
The...
Google corrige 22 failles critiques dans Chrome 148
2026-06-02 09:18:26
Les versions de Chrome 148.0.7778.216/217 pour Windows, 148.0.7778.2015/216 pour macOS et 148.0.7778.215 pour Linux corrigent plus de 150 failles de sécurité. (...)
USN-8362-1: XZ Utils vulnerability
2026-06-02 09:17:00
It was discovered that XZ Utils did not properly manage memory when
attempting to append data to a decoded index that contained no records.
An attacker could possibly use this issue to cause XZ Utils...
Pakistan-Linked SideCopy Targets Afghanistan Finance Ministry with Xeno RAT
2026-06-02 09:05:40
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote...
Avec le développement IA, les RSSI inquiets de la fuite des secrets
2026-06-02 09:04:06
Lorsque Matt Schlicht a créé Moltbook, un réseau social où des agents IA communiquent entre eux, il n'a pas écrit le (...)
Fake virus alerts are invading mobile games
2026-06-02 09:03:55
"Your device is infected!" Fake account warnings and virus alerts are turning some in-game ads into malware traps.
ENISA NIS360 2026: Progress Across the Board, But the Sectors That Matter Most Are Still Falling Short
2026-06-02 08:19:37
ENISA NIS360 2026 shows cybersecurity improving across EU critical sectors, but health, water, rail, and space remain in the risk zone. ENISA has published its third annual NIS360 report, assessing the...
Scandale de sécurité chez Meta : l'IA permettait de pirater n'importe quel compte Instagram en quelques clics
2026-06-02 08:01:42
Meta AI, le chatbot de Meta, a souffert d'une grave faille de sécurité. En conversant avec l'IA, il était possible de pirater un compte Instagram en quelques clics. En demandant simplement à l'intelligence...
GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure
2026-06-02 05:38:31
Malware on approximately 2,000 WordPress sites hid C2 instructions in Steam profile comments using invisible Unicode. GoDaddy researchers spotted a command-and-control infrastructure for a malware campaign...
How I was able to Modify Ratings on a Target and Cause Business Impact
2026-06-02 05:08:30
Learn how I found this interesting bugContinue reading on InfoSec Write-ups »
Bug Bounty Bootcamp #41: Remote Command Execution — From Innocent Inputs to Full Server Takeover
2026-06-02 05:07:22
A stock checker that pings an IP. A comment box that echoes your name. These simple features hide a terrifying truth: they might be…Continue reading on InfoSec Write-ups »
The KQL Query That Caught 260 Brute Force Attempts in Microsoft Sentinel
2026-06-02 05:07:10
A real SSH brute force attack, a custom detection rule built from scratch, and the exact query that caught every single attempt before a single successful login.At 05:05 UTC, the first wave started. 48...
Auth Mastery Part 2: Sessions, Cookies, and Staying Authenticated
2026-06-02 05:06:49
Getting in once is easy. Staying in across ten requests is the skill.Series: curl — The Request Engine You Never Learned Properly Article: 6B of 16Article 6A got you authenticated. This article...
AI Threat Modelling: A Practical Walkthrough of the TryHackMe Room
2026-06-02 05:06:36
Link — https://tryhackme.com/room/aithreatmodellingTask 1: IntroductionArtificial Intelligence has rapidly moved from experimental labs into production environments. Today, organizations rely on...
Guided Pentest: Web | TryHackMe Write-up
2026-06-02 05:06:26
Non-members are welcome to access the full story here.Continue reading on InfoSec Write-ups »
Uncovering the Blind Spot: Bypassing a Security Patch (CVE-2026–24884) to Achieve Arbitrary File…
2026-06-02 05:05:56
Uncovering the Blind Spot: Bypassing a Security Patch (CVE-2026–24884) to Achieve Arbitrary File WriteBug hunting is rarely about running an automated scanner and waiting for a critical alert. More...
One Agent, Five Zero-Days: Turning Past CVEs Into SAST Rules
2026-06-02 05:04:34
IntroductionEvery security engineer has seen a bug get reported, patched, written up in a postmortem, and then watched a similar bug show up six months later in a different module of the same product....
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
2026-06-02 03:55:25
Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party.
On...
Over 80% of Organizations that Miss 24-Hour Patch Window Report Security Incidents Involving Known Vulnerabilities
2026-06-02 00:48:19
Survey of 900+ security leaders shows runtime is the breach battlefield
Even pre-production controls are not stopping known vulnerabilities in the AI age, as 82% of organizations lack real-time visibility...
List of 18 new domains
2026-06-02 00:00:00
.fr 1tortuga[.fr] (registrar: NETIM)
assistance-ameli[.fr] (registrar: Dynadot Inc)
baseusfr[.fr] (registrar: Hosting Concepts B.V. d/b/a Openprovider)
betifycasino-fra[.fr] (registrar: Dynadot Inc)
chu-nimas[.fr]...
Multiples vulnérabilités dans GLPI (02 juin 2026)
02/06/2026
De multiples vulnérabilités ont été découvertes dans GLPI. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à l'intégrité des données, une injection de code indirecte...
Multiples vulnérabilités dans Mozilla Firefox (02 juin 2026)
02/06/2026
De multiples vulnérabilités ont été découvertes dans Mozilla Firefox. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance.
Vulnérabilité dans les produits Ivanti (02 juin 2026)
02/06/2026
Une vulnérabilité a été découverte dans les produits Ivanti. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Vulnérabilité dans Apache Kafka (02 juin 2026)
02/06/2026
Une vulnérabilité a été découverte dans Apache Kafka. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Multiples vulnérabilités dans Google Android (02 juin 2026)
02/06/2026
De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation...
Multiples vulnérabilités dans Microsoft Edge (02 juin 2026)
02/06/2026
De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans les produits Microsoft (02 juin 2026)
02/06/2026
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un problème de sécurité...