Toute l'actualité de la Cybersécurité
Google Cloud Summit : Extension de S3ns en Allemagne et agents IA au menu
2026-06-04 17:50:10
Plus de 3 500 clients et partenaires de Google Cloud se sont donné rendez-vous ce 4 juin à Paris à l’occasion de l’édition (...)
La puce RTX Spark sur Arm redessine le marché des PC IA
2026-06-04 16:57:45
La présentation lors du salon Computex de la puce RTX Spark de Nvidia a fait sensation aussi bien sur les performances que sur l’impact d’un (...)
UN food agency discloses breach affecting 600,000 Gaza households
2026-06-04 16:38:49
The United Nations' World Food Programme (WFP), the world's largest humanitarian organization, revealed over the weekend that its self-registration application (SRA) for Palestine was breached. [...]
Cybercriminals Shift From Fake Login Pages to Infostealer Malware in Phishing Attacks
2026-06-04 15:44:34
Phishing attacks have always been one of the most common ways cybercriminals steal personal and business data. But something has quietly changed about how these attacks work. Instead of tricking people...
New Shai-Hulud Miasma Wave Hits Hundreds of npm Packages
2026-06-04 15:35:39
TL;DR
Sonatype Security Research is tracking a new Shai-Hulud Miasma wave with 281 malicious npm package versions that move beyond obvious preinstall and postinstall scripts in package.json....
New IronWorm malware hits 36 packages in npm supply-chain attack
2026-06-04 15:25:37
A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. [...]
Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
2026-06-04 15:15:26
A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub issue....
Proofpoint Warns TA4922 Deploys Atlas RAT, RomulusLoader, SilentRunLoader, and ValleyRAT
2026-06-04 15:09:02
A sophisticated cybercrime group known as TA4922 is raising alarms across the global security community. The group has been deploying a growing arsenal of malware, including Atlas RAT, RomulusLoader,...
Why eSIMs Are Replacing Traditional SIM Cards
2026-06-04 15:04:33
From SIM swap protection to remote provisioning, eSIMs are quickly replacing physical SIM cards. Here's why the shift matters for security and convenience.
Une vague de cyberattaques déferle sur les réservoirs de carburant
2026-06-04 15:00:05
Plusieurs agences fédérales américaines, dont le FBI et la NSA, alertent sur une multiplication des cyberattaques ciblant les systèmes de jaugeage automatique des réservoirs de carburant. Ces attaques...
How I Built Guardrails That Stopped My AI Agent From Going Rogue
2026-06-04 14:59:59
My agent leaked a customer's email address to another customer on day three. This was not a hypothetical scenario from a conference talk. It was my code, running in production, doing something I never...
Avec Horizon Context, Snowflake renforce la logique métier des agents IA
2026-06-04 14:27:58
Un défi de plus en plus évident attend les entreprises qui passent de l'expérimentation des agents IA aux déploiements en production (...)
86% Retention, M in 8 Weeks: Pred Just Opened Its Sports Exchange for the World Cup
2026-06-04 14:25:13
{
"@context": "https://schema.org",
"@type": "FAQPage",
"mainEntity": [
{
"@type": "Question",
"name": "What is Pred?",
"acceptedAnswer": {
"@type": "Answer",
...
Hackers Are After the Gaps in Your Vulnerability Program: Here's Their Playbook
2026-06-04 14:01:11
Threat actors are actively teaching newcomers how to find, exploit, and profit from vulnerable systems. Flare explores what a popular underground hacking tutorial reveals about modern attacker workflows....
The TechBeat: AI Is Writing More Code Than Ever. So, why is Software Quality Getting Worse? (6/4/2026)
2026-06-04 14:00:51
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here.
...
ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
2026-06-04 14:00:49
It got stupid again.
The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal. Forums...
125 Blog Posts To Learn About Jobs
2026-06-04 14:00:24
Let's learn about Jobs via these 125 free blog posts. They are ordered by HackerNoon reader engagement data. Visit the Learn Repo or LearnRepo.com to find the most read blog posts about any technology.
Jobs...
How the “Swiss Cheese” model can help you choose the right MDR provider
2026-06-04 13:53:41
Not all managed detection and response (MDR) solutions are equal. Finding the differences between vendors can be quite hard, and then understanding how those differences impact your business can be even...
Weaponized ChatGPT Download Site Delivers Malware Via Sponsored Search Results
2026-06-04 13:46:12
A new malvertising campaign is exploiting ChatGPT’s popularity by promoting a weaponized fake download site via sponsored search results, delivering malware to both Windows and macOS users. Security...
Microsoft blames unexpected Windows driver updates on caching issue
2026-06-04 13:41:42
On Wednesday, Microsoft fixed an issue that caused some Windows devices to install driver updates without notice despite policies configured to prevent auto-updates. [...]
Des sites Web peuvent tomber en 10 secondes : la nouvelle technique qui contourne les défenses et affole les experts
2026-06-04 13:38:30
Au lieu d'une armée massive de botnets, un seul ordinateur peut faire planter un site web ou un service, en menant à lui seul un nouveau type d'attaque DDoS. L'ensemble des principaux serveurs...
Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges
2026-06-04 13:10:12
Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230,...
Kali365 PhaaS Operation Expands Beyond Microsoft 365 to Target Okta and MAX Messenger
2026-06-04 13:01:57
A new and fast-growing phishing operation is making waves in the cybersecurity world, and it is moving far beyond its original targets. Kali365, a phishing-as-a-service (PhaaS) platform first spotted...
Payouts King Ransomware Evades EDR With Obfuscation and Direct System Calls
2026-06-04 12:51:47
A new ransomware group known as Payouts King has quietly been building a reputation since it first appeared in April 2025. While it spent most of last year flying under the radar, early 2026 brought a...
Scam Compound Trafficking Victim To Cybercrime Whistleblower: Mohammad Muzahir's Story
2026-06-04 12:43:20
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 4, 2026 – Listen to the podcast Popular radio host Kim Komando tells Mohammad Muzahir’s Story on the Komando.com...
Lazarus Group Uses npm Brandjacking Campaign to Target Developers
2026-06-04 12:35:11
North Korean Lazarus Group targets npm developers with brandjacking packages that mimic trusted tools, drop malware and put credentials at risk.
Police dismantles fake ID marketplace used by migrant smugglers
2026-06-04 12:29:12
French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union. [...]
Bitnob Launches Enterprise: Non-Custodial Infrastructure for Institutions
2026-06-04 12:27:05
Bitnob Enterprise lets banks, fintechs, and treasury teams build digital asset products while retaining control of custody and governance.
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
2026-06-04 12:22:25
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa.
These efforts have been complemented...
Une faille dans Poly VoIP de HP facilite les deepfakes vocaux
2026-06-04 12:07:32
HP a publié des correctifs pour une faille critique de type « débordement de mémoire tampon » affectant plusieurs téléphones (...)
Hackers Actively Exploiting WordPress Plugin Vulnerability to Inject Malicious PHP Code
2026-06-04 12:01:36
Hackers are actively exploiting a critical remote code execution (RCE) vulnerability in the Everest Forms Pro WordPress plugin, allowing unauthenticated attackers to inject and execute arbitrary PHP code...
Software supply chain attacks: check your dependencies
2026-06-04 12:00:00
Attackers are compromising open-source packages to spread malware. Cyber defenders are asked to review dependencies to reduce risks
Teams and Google Drive Leveraged to Compromise Systems Within 20 Minutes
2026-06-04 11:55:45
Hackers are increasingly abusing trusted enterprise platforms such as Microsoft Teams and Google Drive to deploy stealthy remote access malware, with a newly observed campaign leveraging social engineering...
Avec Majorana 2, Microsoft crédibilise son pari quantique
2026-06-04 11:48:05
Microsoft présente sa puce Majorana 2 comme une nouvelle étape importante de sa stratégie quantique, avec une nette amélioration de la stabilité des qubits topologiques.
The post Avec Majorana 2,...
Travel scams are everywhere. Here’s how to avoid them
2026-06-04 11:28:12
Learn how to spot travel scams, avoid risky bookings, and keep your personal information out of the wrong hands.
FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
2026-06-04 11:19:53
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell.
According to Palo Alto Networks Unit 42,...
Why Non-Human Identities Have Become a Critical Security Challenge
2026-06-04 11:17:57
This article argues that non-human identities—including service accounts, API keys, automated workloads, and AI agents—have become one of the fastest-growing security risks in modern infrastructure....
Meet the Writer: Hacker Noon's Contributor Disha Patel, Software Engineer & ML Researcher
2026-06-04 11:15:25
Apple engineer and ML researcher Disha Patel shares her journey from teaching iOS to building on-device AI systems 🚀
Cisco warns of critical Unified CM flaw with PoC exploit code
2026-06-04 11:09:50
Cisco has released security updates to patch a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges. [...]
How to Achieve Your Goals Without Burning Out
2026-06-04 11:06:47
Drawing from personal experience and psychological research, this article explores how ambitious people can pursue meaningful goals without falling into burnout. The author examines goal-setting principles,...
Faux papiers : une boutique criminelle en ligne a été saisie par la police
2026-06-04 11:01:07
La France et l'Espagne ont démantelé une boutique en ligne spécialisée dans la vente de faux passeports, cartes d'identité et titres de séjour. Une opération conjointe à Alicante a abouti à l'arrestation...
Five Eyes Warns Chinese Spies Are Using Fake Job Ads to Target Military Staff
2026-06-04 10:53:45
Five Eyes warns that Chinese spies are using fake job ads on LinkedIn, Indeed, and Upwork to target military staff and steal sensitive data.
Gamaredon Uses WinRAR Vulnerability to Launch Modular Spy Campaign on Ukrainian Targets
2026-06-04 10:53:09
Gamaredon exploits a WinRAR flaw to drop modular, nearly fileless malware on Ukrainian targets, hiding payloads in Windows streams and resolving C2s via Telegram. Sekoia’s Threat Detection &...
IA en entreprise : pourquoi les RSSI ne peuvent plus porter seuls le risque
2026-06-04 10:46:10
{ Tribune Expert } - La gouvernance de l'IA concerne autant les directions métiers que les fonctions juridiques, les ressources humaines, la conformité, la DSI ou encore les instances dirigeantes.
The...
Comodo Internet Security 0-Day Vulnerability Lets Attacker Crash the User's Windows System
2026-06-04 10:30:21
An unpatched zero-day vulnerability in Comodo Internet Security’s firewall driver, Inspect.sys, after receiving no response from the vendor following multiple disclosure attempts. The vulnerability,...
Arnaques en ligne : Meta, Microsoft et Starlink ont court-circuité des millions d'escroqueries venues d'Asie
2026-06-04 10:01:22
Une coalition inédite regroupant des géants comme Meta, Microsoft, Coinbase, Starlink et les forces de l'ordre de cinq pays différents a frappé fort contre les réseaux d'arnaque d'Asie du Sud-Est....
Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
2026-06-04 09:51:28
Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System (TDS) and deliver...
Frontline Workers Twice as Likely to Use Unapproved AI
2026-06-04 09:44:59
New research by Mitel has revealed a widening gap between AI adoption and enablement, with limited support and low confidence contributing to the rise of Shadow AI and unapproved AI usage. The State of...
Souveraineté technologique : l'Europe joue son va-tout
2026-06-04 09:39:38
La Commission européenne a dévoilé son très attendu « paquet souveraineté technologique ». Chips, cloud, IA, open source... Bruxelles joue son va-tout pour desserrer l'étau technologique américain....
Hackers Spied on a Stock Exchange Executive's Outlook Mailbox for Five Months
2026-06-04 09:33:57
Unknown attackers spent at least five months inside the Outlook mailbox of a senior executive at a major global stock exchange, copying the inbox out in small, repeated batches and routing it through...
Cisco Unified Communications Manager Vulnerability Exposed Along With PoC Exploit Code
2026-06-04 09:16:19
Cisco has disclosed a critical server-side request forgery (SSRF) vulnerability in its Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME). Tracked as CVE-2026-20230,...
Researcher Drops a New VS Code Zero-Day After Losing Trust in Microsoft's Disclosure Process
2026-06-04 09:13:29
A researcher publicly released a VS Code exploit within hours, citing past disputes with Microsoft over bug handling. The security researcher Ammar Askar found a new serious zero-day in Visual Studio...
Meta’s AI support bot happily handed Instagram accounts to hackers
2026-06-04 09:09:09
Hackers convinced an AI support bot to hand over Instagram accounts by changing recovery email addresses.
CISA Warns of Android Framework Integer Overflow Vulnerability Exploited in Attacks
2026-06-04 09:07:01
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a newly identified Android Framework vulnerability, tracked as CVE-2025-48595, to its Known Exploited Vulnerabilities (KEV) catalog,...
Lovell Consulting passe dans le giron de Squad
2026-06-04 08:51:02
Après deux acquisitions ciblées réalisées en 2024 dans la cybersécurité - celles de Newlode (intégration (...)
“Bug Bounty Bootcamp #43: Login Page?
2026-06-04 08:17:41
Let’s be real — you’ve hit that login wall more times than you’ve hit “snooze” on a Monday morning.Continue reading on InfoSec Write-ups »
I Bought a ₹1,599 Government Book for ₹1. The Server Approved It.
2026-06-04 08:17:26
The payment page showed ₹1.00. I had not touched the price field. I had only touched one number in one request.I was not looking for a vulnerability that day.I was clicking around a government website — an...
I Typed 000000 and the App Thought MFA Was Already On
2026-06-04 08:17:08
I never scanned the QR code. One intercepted response was enough.Six digits. All zeros.I type them into the MFA setup field and click Continue.I haven't opened an authenticator app. I haven't scanned...
Setting Up n8n Locally on Kali Linux Using Docker
2026-06-04 08:16:58
Continue reading on InfoSec Write-ups »
API Penetration Testing Checklist: How Real-World Attacks Break APIs Before Scanners Do
2026-06-04 08:16:42
How Real-World Attacks Break APIs Before Scanners DoAPIs are the backbone of modern applications: powering mobile banking, e-commerce, healthcare systems, AI integrations, and microservices.Today, APIs...
Des comptes Instagram se font encore pirater, Meta AI est-il toujours vulnérable ?
2026-06-04 08:16:36
Des comptes Instagram continuent de se faire pirater. Bien que Meta affirme que la faille de Meta AI a été colmatée, de nombreux comptes sont tombés entre les mains des cybercriminels. Tout porte...
I Finished My Thesis Defense — A Journey to Mobile Forensic
2026-06-04 08:16:28
I Finished My Thesis Defense — A Journey to Mobile ForensicThomas Shelby and May CarletonIf there is an award for making things complicated, I'd probably be the winner. The ultimate rule to...
“Bug Bounty Bootcamp #42: JWT Attacks — How a Stolen Token or a Weak Secret Can Grant You Admin…
2026-06-04 08:16:17
JSON Web Tokens are everywhere — in cookies, Authorization headers, and API calls.Continue reading on InfoSec Write-ups »
The Ultimate Guide to Stay Hidden Online: TOR and Proxy Chaining
2026-06-04 08:16:06
The Tale of Three Brothers (Harry Potter and The Deathly Hallows)Hi, it's me again. I've been superbly busy with college since this is my final year as a university student. I need to pass two more...
Frontend Security & Bug Hunting: The .env File Crisis and Real-World Exploitation
2026-06-04 08:15:57
The .env file is simultaneously one of the most convenient and most dangerous patterns in modern web development. The data is clear: over 12 million exposed files, 28 million credentials leaked on GitHub...
5 Windows Event IDs Every SOC Analyst Should Know (With Real Lab Evidence)
2026-06-04 08:15:45
These aren't just numbers from a study guide — they're the fingerprints attackers leave behind. Here's what each one looks like inside a real SIEM.By Ronak Mishra · Security+ Certified ·...
How Agoda Scaled Its Feature Store 50X with ScyllaDB
2026-06-04 08:00:24
After Agoda's feature store traffic surged 50x, the engineering team faced severe latency spikes and cache stampedes threatening production stability. By benchmarking ScyllaDB under cold-cache conditions,...
Crypto Meets Wall Street: MEXC Unveils 'RealStocks' Eith 0-fee U.S. Equity Trading And Real Dividend
2026-06-04 07:43:25
Mutsamudu, Comoros, June 4, 2026 – MEXC, a leading 0-fee cross-asset trading platform, today announced the official launch of 'RealStocks.' This innovative equity product is now accessible to eligible...
Recherche Proofpoint : un groupe cybercriminel chinois étend sa portée mondiale avec un nouvel arsenal de malwares
2026-06-04 07:32:08
Les chercheurs de Proofpoint dévoilent aujourd'hui une nouvelle étude mettant en lumière un acteur cybercriminel en rapide évolution, soupçonné d'être aligné sur la Chine et identifié sous...
29 Arrests, Nine Crime Groups Dismantled: Another Blow to Illegal Streaming
2026-06-04 07:08:33
International Operation KRATOS led by Europol dismantled illegal streaming networks, leading to 29 arrests and nine crime groups taken down. An international law enforcement operation, codenamed Operation...
Spoofing bancaire : comment les victimes obtiennent le remboursement en justice
2026-06-04 07:02:53
Le spoofing téléphonique est devenu la technique de fraude bancaire la plus redoutable en France. Le fraudeur usurpe le numéro du service client de la banque, appelle la victime, se présente comme...
How We Built Real-Time Usage Metering That Doesn't Lie to Your CFO
2026-06-04 07:02:50
Most AI billing systems settle usage at month-end, creating a dangerous gap between when costs occur and when revenue is recognized. As AI workloads become more variable and expensive, companies lose...
DoJ Disrupts Southeast Asia Crypto Fraud Networks, Freezes .8 Million in Assets
2026-06-04 06:06:25
The U.S. Department of Justice (DoJ) on Wednesday announced the results of a sweeping action undertaken by government authorities and private sector companies to combat cyber-enabled and cryptocurrency...
Un malware piège les joueurs de Minecraft sur YouTube
2026-06-04 05:08:14
Plus de 116 000 machines piégées, des mots de passe et des portefeuilles crypto siphonnés, et une arme distribuée gratuitement à qui la réclame. Le tout caché dans de faux mods pour le jeu le plus...
Gen AI Didn't Fix Enterprise Software's Biggest Bottleneck
2026-06-04 05:02:43
We optimised for code generation speed while the real bottleneck — cognitive overhead and knowing where to make changes — stayed completely untouched.
Pakistan Spies on Afghan Finance Ministry With Xeno RAT
2026-06-04 04:01:00
Despite broadly connected digital infrastructure, standard fare TTPs are enough to cause trouble for Afghanistan's porous cybersecurity.
List of 79 new domains
2026-06-04 00:00:00
.fr 1win-1[.fr] (registrar: Hosting Concepts B.V. d/b/a Openprovider)
ac-greenoblle[.fr] (registrar: Hostinger operations UAB)
allianzclient[.fr] (registrar: Hostinger operations UAB)
allyspinfrance[.fr]...
Multiples vulnérabilités dans les produits NetApp (04 juin 2026)
04/06/2026
De multiples vulnérabilités ont été découvertes dans les produits NetApp. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Multiples vulnérabilités dans Synology Chat Server pour DSM (04 juin 2026)
04/06/2026
De multiples vulnérabilités ont été découvertes dans Synology Chat Server pour DSM. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à...
Multiples vulnérabilités dans FreeRadius (04 juin 2026)
04/06/2026
De multiples vulnérabilités ont été découvertes dans FreeRadius. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité...
Vulnérabilité dans les produits Cisco (04 juin 2026)
04/06/2026
Une vulnérabilité a été découverte dans les produits Cisco. Elle permet à un attaquant de provoquer une falsification de requêtes côté serveur (SSRF).