Toute l'actualité de la Cybersécurité
Google accidentally exposed details of unfixed Chromium flaw
2026-05-21 18:13:50
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing remote code execution on the device....
Indian Student Data Weaponized for Phishing, Social Engineering, and Financial Fraud
2026-05-21 18:03:21
India’s education sector is now at the center of a growing cybercrime storm. Millions of students across the country are being targeted by threat actors who have turned personal academic data into...
Global law enforcement operation takes First VPN offline
2026-05-21 17:57:24
Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has taken First...
Microsoft Defender vulnerabilities are being exploited in the wild
2026-05-21 17:36:52
CISA added seven known exploited vulnerabilities to its KEV catalog, including two Microsoft Defender flaws.
Selector muscle la visibilité réseau du multicloud de NetOps
2026-05-21 17:26:06
Les entreprises ne se contentent pas de migrer leurs applications vers le cloud. Elles y transfèrent le réseau lui-même. De plus en (...)
Apple Blocks Over 2 Million Apps in 2025 Fraud Crackdown
2026-05-21 17:21:55
Apple 2025 fraud report shows major App Store protections: over 2M apps rejected, 1B fake accounts blocked, and billions in fraud prevented. Apple ‘s annual fraud prevention report for 2025 paints...
Critical Chrome Vulnerabilities Enable Remote Code Execution Attacks – Patch Now!
2026-05-21 17:16:45
Google has released an urgent security update for Chrome, addressing 16 vulnerabilities including two rated Critical that could allow attackers to execute arbitrary code on affected systems. The Stable...
Authorities Have Taken Down “First VPN” Used in Ransomware Attacks
2026-05-21 16:56:34
In a major international law enforcement success, authorities from seven countries dismantled First VPN, a criminal virtual private network linked to global cybercrime, during a coordinated operation...
Les modèles de fondation tabulaires émergent en alternative au ML
2026-05-21 16:52:36
H2O.ai a repris et amélioré l'architecture de TabICL pour développer son propre modèle de fondation tabulaire.
The post Les modèles de fondation tabulaires émergent en alternative au ML appeared...
Mini Shai-Hulud Compromises @antv npm Packages to Steal CI/CD Credentials
2026-05-21 16:49:54
A new and sophisticated supply chain attack has been uncovered, targeting one of the most trusted corners of the open-source software world. Dubbed “Mini Shai-Hulud,” this campaign went after...
Proofpoint Integrates with the Claude Compliance API to Extend Data Security and Governance to Claude
2026-05-21 16:34:27
Un modèle IA malveillant piége les utilisateurs sur Hugging Face
2026-05-21 16:33:53
Baptisé Open-OSS/privacy-filter, un dépôt malveillant sur Hugging Face s’est fait passer pour une publication officielle d’OpenAI (...)
Pas de correctif pour la faille zero day YellowKey contournant BitLocker
2026-05-21 16:29:19
Microsoft envisagerait de publier un correctif pour la faille zero day baptisée YellowKey. La faille, référencée en tant que (...)
L'illusion du contrôle : les entreprises européennes exposent les communications qu'elles pensent protéger
2026-05-21 16:15:54
Une nouvelle étude de Retarus révèle un écart entre la souveraineté perçue et la souveraineté réelle des communications par e-mail. 8 organisations réglementées sur 10 estiment maîtriser leurs...
Étude WatchGuard : face à la montée des cybermenaces, les PME et ETI font des MSP leurs alliés stratégiques
2026-05-21 16:04:57
WatchGuard dévoile les résultats d'une étude internationale : face à la montée des cybermenaces, les PME et ETI font des MSP leurs alliés stratégiques. Avec 65 % des entreprises françaises...
Deleted Google API Keys Remain Active up to 23 Minutes, Study Finds
2026-05-21 16:03:12
Deleted Google API Keys remain active for up to 23 minutes after deletion, exposing GCP, Gemini, BigQuery, and Maps data to attackers.
What's new in Microsoft Security: May 2026
2026-05-21 16:00:00
Microsoft Security's latest updates extend visibility, control, and protection across expanding ecosystems as organizations accelerate AI adoption.
The post What's new in Microsoft Security: May 2026...
Is Your Project Product-Ready? A 3-Step Checklist to Find Out
2026-05-21 15:59:27
Most startups don't fail because the product is bad — they fail because they skipped the readiness check. Here's what that check looks like in 3 steps.
L'intimité mentale menacée par les progrès de l'IA cognitive : Kaspersky souligne quatre risques émergents
2026-05-21 15:58:06
L’intelligence artificielle est de plus en plus développée pour analyser les signaux neuronaux, modéliser les comportements et anticiper les schémas de prise de décision. Cela marque un changement...
EU AI Act et risques de sécurité
2026-05-21 15:55:42
Voici une tribune de Tim Pfaelzer, General Manager & Senior Vice President, EMEA chez Veeam, sur la récente actualité liée à la directive NIS2 : en effet, la transposition de NIS2 dans le droit...
AI Agents Are Shifting Identity Security Budget Dynamics
2026-05-21 15:43:37
AI agent projects are proliferating throughout the enterprise, and those AI agent identities require management, security, and governance. New Omdia research shows the AI agent identity budget dynamics...
MCP and A2A Don't Solve the Biggest Problem with Multi-Agent Systems
2026-05-21 15:36:37
This article argues that while protocols like MCP and A2A standardize tool access and agent coordination, they leave a major gap unresolved: networking between agents in real production environments....
The npm Threat Landscape: Attack Surface and Mitigations (Updated May 21)
2026-05-21 15:30:33
Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more.
The post The npm Threat Landscape: Attack Surface and Mitigations...
Windows Privilege Escalation: Bypass UAC
2026-05-21 15:12:27
Overview This article delivers a complete, hands-on walkthrough of User Account Control (UAC) bypass techniques against a default-configured Windows 10 host. The walkthrough begins with
The post Windows...
Apple blocked over billion in App Store fraud in 6 years
2026-05-21 15:11:08
Apple revealed that it blocked over billion in fraudulent App Store transactions over the last six years, more than .2 billion in potentially fraudulent App Store transactions in 2025 alone. [...]...
Nvidia, architecte et financier de l'écosystème IA
2026-05-21 14:52:20
En l'espace de seize mois, Nvidia s'est transformé en l'un des investisseurs les plus actifs et les plus stratégiques du secteur de l'IA.
The post Nvidia, architecte et financier de l’écosystème...
Telegram, l'identifiant qui inquiète
2026-05-21 14:34:27
Telegram : un audit confirme un risque de suivi passif via une clé d'authentification, malgré les démentis de l'entreprise.
Le VPN préféré des cybercriminels a été démantelé, et tous ses utilisateurs « identifiés »
2026-05-21 14:30:44
Une vaste opération de police, menée par la France et les Pays-Bas, vient d'aboutir à la fermeture forcée de First VPN, un service massivement utilisé par les cybercriminels. Les serveurs du VPN...
Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix
2026-05-21 14:29:21
Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw. There is a particular kind of security failure that is harder to catch than...
L'IA creuse le déficit de compétences en cybersécurité
2026-05-21 14:27:42
Face au développement de l’IA, un déficit supplémentaire de compétences en cybersécurité est en train d’émerger. (...)
Showboat Linux Malware Hits Middle East Telecom with SOCKS5 Proxy Backdoor
2026-05-21 14:17:09
Cybersecurity researchers have disclosed details of a new Linux malware dubbed Showboat that has been put to use in a campaign targeting a telecommunications provider in the Middle East since at least...
The TechBeat: Reinforcement Learning Breakthrough: AI Designs Faster Ways to Multiply Matrices (5/21/2026)
2026-05-21 14:01:12
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here.
...
53 Blog Posts To Learn About Chrome
2026-05-21 14:00:44
Let's learn about Chrome via these 53 free blog posts. They are ordered by HackerNoon reader engagement data. Visit the Learn Repo or LearnRepo.com to find the most read blog posts about any technology.
Chrome...
Inside a Crypto Drainer: How to Spot it Before it Empties Your Wallet
2026-05-21 14:00:10
Modern crypto drainers don't hack wallets. They trick users into approving malicious transactions. Flare explores how the Lucifer DaaS platform scales wallet theft through phishing and automation. [...]...
Chinese hackers target telcos with new Linux, Windows malware
2026-05-21 14:00:00
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]
Chinese APTs Share Linux Backdoor in Central Asia Telco Attacks
2026-05-21 14:00:00
"Showboat" doesn't show off, but clearly it doesn't need to, as it's long helped China spy on small market communications providers.
Undefined Behavior: Ghosts in the Fog, or Boundaries of a Model?
2026-05-21 13:59:59
Undefined Behavior isn't compiler magic or a flaw in the standard. It's what happens when your program steps outside its computational model. The compiler trusts you to stay inside it. When you don't...
Max severity Cisco Secure Workload flaw gives Site Admin privileges
2026-05-21 13:58:33
Cisco has released security updates to address a maximum-severity vulnerability in Secure Workload that allows attackers to gain Site Admin privileges. [...]
Grok ne séduit pas les agences fédérales : un risque pour SpaceX ?
2026-05-21 13:55:33
Derrière la valorisation à 1750 milliards $ de SpaceX se cache une hypothèse : que Grok séduise les grandes organisations. Les données des agences fédérales américaines donnent une tout autre...
AppSec Tools Explained: SAST vs SCA vs DAST | Sonatype
2026-05-21 13:53:45
Application security (AppSec) tools are essential for identifying and fixing vulnerabilities throughout the software development lifecycle. As modern applications increasingly rely on open source...
Ce plugin WordPress vole les cartes bancaires sur des milliers de boutiques en ligne
2026-05-21 13:38:33
Une faille critique dans un plugin WordPress installé sur plus de 40 000 boutiques permet à des attaquants d'intercepter les numéros de carte bancaire saisis par les acheteurs au moment du paiement....
Cisco fixed maximum severity flaw CVE-2026-20223 in Secure Workload
2026-05-21 13:22:17
Cisco fixed a critical Secure Workload flaw (CVE-2026-20223) that could let attackers gain Site Admin privileges through crafted API requests. Cisco released patches for a critical vulnerability, tracked...
McDonald's France face au risque fidélité à la suite d'une fuite de données
2026-05-21 13:21:56
McDonald's France touché par des fraudes McDo+ : les cartes fidélité deviennent une cible cyber rentable à la suite d'une fuite de données.
USN-8291-1: Linux kernel (Intel IoTG Real-time) vulnerabilities
2026-05-21 13:09:58
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- SMB network file...
Police seize “First VPN” service used in ransomware, data theft attacks
2026-05-21 13:09:51
A virtual private network service called 'First VPN,' used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. [...]
Content Delivery Exploit Opens Websites to Brand Hijacking
2026-05-21 13:05:00
The Underminr domain-fronting attack allows threat actors to modify Web requests and leverage trusted websites to cloak malicious activity.
Q1 2026 Threat Landscape Report: Zero-clicks, geopolitical tensions, and some wins for law enforcement
2026-05-21 13:00:00
The first quarter of 2026 reinforced that attackers are moving faster, operating with greater coordination, and exploiting weaknesses before most organizations can respond effectively. From escalating...
Flipper Unveils New Flipper One Modular Linux Cyberdeck
2026-05-21 12:55:21
Flipper Devices has unveiled Flipper One, a modular Linux cyberdeck aimed at becoming a fully open, mainline-first ARM platform for hackers, researchers, and makers The company says the new device is...
Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator
2026-05-21 12:52:09
Europol has seized First VPN, a service used by ransomware gangs, arrested its administrator and gained access to data linked to thousands of users.
P2PInfect Botnet Compromises Kubernetes Clusters Through Exposed Redis Instances
2026-05-21 12:27:42
A well-known botnet is now targeting cloud environments in a more calculated way than before. P2PInfect, a Rust-written peer-to-peer malware active since mid-2023, has been observed compromising Kubernetes...
Les exigences matérielles de VCF 9.1 interpellent
2026-05-21 12:24:07
VMware fait évoluer le back-end de gestion d'une manière potentiellement préjudiciable aux labs VCF sur fond de « RAMpocalypse ».
The post Les exigences matérielles de VCF 9.1 interpellent appeared...
Cyberattaque contre GitHub : des milliers de données privées ont été compromises
2026-05-21 12:03:49
GitHub a été la cible d'une cyberattaque sophistiquée menée par le gang TeamPCP. En glissant une extension corrompue dans la boutique officielle de Visual Studio Code pendant seulement 18 minutes,...
Riverbed étend les capacités IA d'Aternity Experience
2026-05-21 12:01:27
Présentées cette semaine, les dernières capacités IA de la plateforme Aternity Experience de Riverbed (rachetée en 2016) (...)
Proton Launches Credential Tokens to Tackle AI Agent Security Gap
2026-05-21 11:58:01
A growing tension sits at the heart of enterprise AI deployments: organisations want agents to act autonomously, yet handing over passwords and API keys to automated systems represents a significant and...
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
2026-05-21 11:52:14
This week starts small.
A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always...
Android Malware Spotted Subscribing Victims to Paid Services Without Consent
2026-05-21 11:41:11
Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills.
First VPN, le bouclier cybercriminel tombe
2026-05-21 11:30:35
First VPN démantelé : 33 serveurs saisis, plus de 5000 comptes liés à des enquêtes cyber. L'admin gardait les infos des clients !
Une faille critique empoisonne les administrateurs Drupal
2026-05-21 11:28:45
Les administrateurs de la plateforme de gestion de contenu open source Drupal s'empressent d'installer un correctif d'urgence publié afin de (...)
Publicités trompeuses : Que Choisir attaque Meta, TikTok et Google devant l'Arcom
2026-05-21 11:12:03
Malgré le DSA, Meta, TikTok et Google continuent de diffuser massivement des publicités porteuses d'arnaques financières. Trente associations de consommateurs européennes passent à l'action.
The...
Industry Reacts to Verizon DBIR 2026 as Vulnerability Exploitation Takes Top Spot
2026-05-21 11:08:54
The 2026 Verizon Data Breach Investigations Report (DBIR) has sparked widespread industry reaction, with security leaders warning that AI-enabled attacks, vulnerability exploitation, and third-party risk...
TikTok, YouTube, and Roblox face scrutiny, but age gates won't fix child safety
2026-05-21 11:08:37
Ofcom says TikTok and YouTube are "not safe enough" for children, but simply adding stricter age checks is not the answer.
Flipper One project needs community help to build open Linux platform
2026-05-21 11:00:00
Flipper Devices, the maker of the Flipper Zero pentesting tool, is asking the community to help build Flipper One, an open Linux platform for connected devices. [...]
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
2026-05-21 10:55:57
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild.
The former, tracked as CVE-2026-41091, is rated 7.8 on the...
The Greenfield of Agentic Payments. Cross-Network Settlement is Still Up for Grabs.
2026-05-21 10:30:32
Consensus Miami 2026 made one thing clear: AI agents are about to drive up to T in commerce by 2030, and the race to power agentic payments is on. x402, Google's AP2, Stripe's MPP, Visa Intelligent...
When Identity is the Attack Path
2026-05-21 10:30:00
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured...
GitHub Internal Repositories Breached Via Weaponized VS Code Extension
2026-05-21 10:27:02
GitHub confirmed a significant security breach on May 18, 2026, after attackers leveraged a weaponized Visual Studio Code extension to compromise an employee’s device and exfiltrate data from the...
Catch spyware in the act with Windows Webcam Monitoring
2026-05-21 10:19:18
Know when a program tries to access your webcam so you can allow or block, in real time.
Microsoft's Retired IE Tool MSHTA Now Being Used in Fileless Malware Attacks
2026-05-21 10:18:11
Despite Internet Explorer's retirement, hackers are abusing the legacy MSHTA utility in stealthy fileless malware attacks targeting Windows users.
Researchers left AI agents alone in a virtual town and watched it all unravel
2026-05-21 10:01:54
Told not to commit crimes, the AI agents mostly did anyway. Arson, violence, romance, self-deletion, and general chaos quickly ensued.
Nine-year-old Linux Kernel Vulnerability Let Attackers Exfiltrate SSH Private Keys
2026-05-21 09:57:16
A newly disclosed Linux kernel vulnerability, tracked as CVE-2026-46333, exposes a serious local privilege escalation flaw that has remained undetected for nearly nine years. Security researchers at the...
New Microsoft Defender 0‑Days Actively Exploited in the Wild
2026-05-21 09:50:51
Two newly disclosed Microsoft Defender vulnerabilities are being actively exploited in the wild, enabling local attackers to elevate privileges to SYSTEM and potentially disrupt endpoint protection across...
Faille de Bitlocker : Microsoft propose 2 mesures d'urgence pour protéger votre PC Windows
2026-05-21 09:45:57
Une faille, baptisée YellowKey, permet de contourner BitLocker, le système de chiffrement de Windows 11, avec une clé USB et une simple manipulation au démarrage. Microsoft, qui n'a pas encore de...
Swatch et Audemars Piguet, le buzz piégé révélé
2026-05-21 09:45:50
Swatch x Audemars Piguet à 10 euros : faux sites, vidéos truquées et stealer piègent les acheteurs en ligne. Révélation ZATAZ.
BadIIS Malware Turns Hijacks IIS Servers and Redirect Users to Illicit Sites
2026-05-21 09:38:45
A dangerous piece of malware known as BadIIS has been actively targeting Internet Information Services (IIS) web servers, quietly hijacking them and redirecting unsuspecting visitors to illegal gambling...
Fraudes publicitaires : Meta, TikTok et Google visés
2026-05-21 09:33:01
Fraudes publicitaires : Meta, TikTok et Google visés par Que Choisir, le BEUC et l'Arcom au nom du DSA
1-15 May 2026 Cyber Attacks Timeline
2026-05-21 08:51:25
The threat landscape during May H1 was dominated by cyber crime and characterized by malware attacks, while the exploitation of public-facing applications led the initial access.
Young People Are Tired of Empty Scrolling. FaithTime Is Turning Feeds Into Real Connection
2026-05-21 08:45:27
FaithTime is building an AI-powered faith community designed to move users beyond passive scrolling into active participation and connection. The platform combines prayer interactions, faith-based games,...
La clinique de Garmisch-Partenkirchen isole ses données patient
2026-05-21 08:39:36
Les hôpitaux figurent parmi les cibles les plus prisées des cyberattaques, qu'elles soient menées par des criminels ou des états. (...)
« Pour une AI Gigafactory en France » : comment le consortium AION s'est organisé
2026-05-21 08:39:07
Structuré il y a près d'un an pour porter une candidature dans le cadre du programme européen des AI Gigafactories, le consortium AION compte désormais 28 membres.
The post « Pour une AI Gigafactory...
How Malware Hides Inside ZIP Files & Why Most Defenses Still Miss It
2026-05-21 08:34:13
The other day I was reading an article about zip files as a new attack vector. Yet this is as old as the beginning of the internet.So I analyzed several recent campaigns and summarized these vectors.ZIP...
Assertion101 Proving Grounds Walkthrough (Intermediate) | Complete Write-Up
2026-05-21 08:33:59
The first step in approaching this machine was reconnaissance. Understanding which services were exposed is key. To do this, I ran a full TCP port scan using Nmap with default scripts and version detection....
The Loud Failure: How a Broken WebSocket Leaked a Master Key to the Backend
2026-05-21 08:33:48
In bug bounty hunting, we often spend a lot of time looking for complex injection flaws or deep architectural logic errors. But sometimes, the most critical vulnerabilities present themselves when an...
Bug Bounty Bootcamp #37: SSRF in PDFs, Screenshots, and Bypassing Localhost Filters
2026-05-21 08:32:25
You found a PDF generator that fetches URLs. The developer blocked localhost and 127.0.0.1. Game over? Not even close. Learn the art of…Continue reading on InfoSec Write-ups »
Can Pure Modbus Break a Reactor? Oldsmar, Stuxnet & FrostyGoop, Tested
2026-05-21 08:31:28
You can speak Modbus to a chemical reactor as freely as its own engineer. Breaking it, though, isn't a yes or a no — it's a question of patience.In February 2021, the lye setpoint at a Florida...
How Use.AI Is Bringing Cohesion Back to the Workplace
2026-05-21 08:30:29
Use.AI is positioning itself as a unified workspace built to solve the fragmentation many companies face after adopting multiple AI tools. Instead of functioning as another standalone AI application,...
I Typed My Own Email Into 7 OSINT Tools. What Came Back Scared Me (PART 1)
2026-05-21 08:30:25
These free tools can build a complete digital profile on anyone — and most people have no idea they exist.I was doing routine recon for a personal project when I typed my own email into a lookup...
Odile Duthil (Caisse des Dépôts) : La résilience, un sport d'équipe
2026-05-21 08:25:19
Odile Duthil, Directrice Cybersécurité du Groupe Caisse des Dépôts et Présidente du Clusif, partage sa vision de la résilience opérationnelle. Entre gestion des risques d'intérêt général et...
Dell World 2026 : les futurs serveurs PowerEdge se dévoilent
2026-05-21 08:25:04
L’édition 2026 de Dell World qui se déroule à Las Vegas du 18 au 20 mai a renoué avec les annonces sur l’infrastructure (...)
ReverseLookup Is Helping Users Navigate Modern Interactions
2026-05-21 08:15:21
ReverseLookup is a public information platform designed to help users better understand unknown phone numbers, email addresses, usernames, and other digital contact points. Beyond basic lookup functionality,...
An AI-Enhanced Workflow for Signature Evasion Testing
2026-05-21 08:11:55
Developing a PowerShell AMSI Bypass with AIBackgroundContextIn offensive security, capabilities have a shelf life. A tool that delivered clean execution previously can be completely burned today by a...
How to Detect Lateral Movement with Elastic SIEM: SOC Analyst Hands-On Lab | Hunt Forward Lab #006
2026-05-21 08:10:54
Hunt Forward Lab #006 — Threat Hunting for Pass-the-Hash and Token Impersonation | MITRE ATT&CK T1550.002 | T1134.001 | T1021.002🔬 Difficulty: Intermediate — Estimated Time: 90 minutesWhat...
JobAssist Keeps Career Materials, Drafts, and Progress in One Place
2026-05-21 08:00:40
JobAssist is a browser-based platform designed to reduce the chaos of modern job searching by keeping CVs, cover letters, saved roles, drafts, and application tracking in one place. The platform combines...
Microsoft warns of new Defender zero-days exploited in attacks
2026-05-21 07:49:48
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]
9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros
2026-05-21 07:35:53
Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years.
The vulnerability, tracked as CVE-2026-46333 (CVSS score: 5.5), is a case...
Fuite de données chez Foxconn : les plans secrets des serveurs Apple ont été volés
2026-05-21 07:29:30
Foxconn, l'un des sous-traitants d'Apple, a été victime d'une cyberattaque. Les pirates ont dérobé les plans secrets des serveurs Apple. Des documents confidentiels qui, selon nos confrères d'AppleInsider,...
Configurateur PC en ligne : créez votre ordinateur sur mesure sans exploser le budget
2026-05-21 06:56:02
Créer son PC sur mesure en ligne permet d'obtenir une machine adaptée à ses besoins, sans payer pour des composants inutiles. Une solution pratique pour la bureautique, le gaming ou les usages professionnels....
GitHub links repo breach to TanStack npm supply-chain attack
2026-05-21 06:54:01
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack npm supply-chain attack....
Discord adds end-to-end encryption to voice and video calls by default
2026-05-21 06:40:53
Discord now enables end-to-end encryption by default for all voice and video calls, making conversations inaccessible even to the platform itself. No announcement fanfare, no opt-in required, no settings...
Production Observability for Spring AI Agents on Amazon Bedrock Without Writing Tracing code
2026-05-21 05:33:51
You're already running Spring AI on Bedrock. You're going to need cost telemetry, request correlation, PII safety, error classification, and you're going to need it for every agent without writing tracing...
Debugging Multi Agent Memory Loss in Long Running Pipelines
2026-05-21 05:30:50
Long-running AI agents often experience "Agentic Amnesia," losing their train of thought over extended execution windows. This failure occurs because standard frameworks rely on naive context truncation...
USN-8202-3: jq regression
2026-05-21 05:15:51
USN-8202-1 fixed vulnerabilities in jq. The update caused a regression
for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update fixes the problem.
We apologize for the inconvenience.
Original advisory...
Dragonica Lunaris - 126,293 breached accounts
2026-05-21 04:41:32
In December 2025, the European Dragonica private server Dragonica Lunaris suffered a data breach. The incident exposed 126k email addresses, usernames, dates of birth and bcrypt password hashes. The service...
GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension
2026-05-21 04:27:01
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx Console Microsoft Visual...
Windows93 / Myspace93 - 46,105 breached accounts
2026-05-21 03:45:15
In January 2021, the parody site Windows93 suffered a data breach of the Myspace93 sub-site after a beta application was exploited to download server files. The compromised data was later leaked in June...
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
2026-05-21 03:44:11
Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privilege escalation, or information...
List of 14 new domains
2026-05-21 00:00:00
.fr adidasspezials[.fr] (registrar: Hosting Concepts B.V. d/b/a Openprovider)
celinesoldes[.fr] (registrar: Hosting Concepts B.V. d/b/a Openprovider)
connect-nickel[.fr] (registrar: Dynadot Inc)
dromejeunesservices[.fr]...
Multiples vulnérabilités dans Progress MOVEit Automation (21 mai 2026)
21/05/2026
De multiples vulnérabilités ont été découvertes dans Progress MOVEit Automation. Elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de...
Multiples vulnérabilités dans les produits Apereo (21 mai 2026)
21/05/2026
De multiples vulnérabilités ont été découvertes dans les produits Apereo. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données.
Multiples vulnérabilités dans ISC BIND (21 mai 2026)
21/05/2026
De multiples vulnérabilités ont été découvertes dans ISC BIND. Elles permettent à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié par l'éditeur....
Multiples vulnérabilités dans les produits Splunk (21 mai 2026)
21/05/2026
De multiples vulnérabilités ont été découvertes dans les produits Splunk. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité...
Vulnérabilité dans Cisco Secure Workload (21 mai 2026)
21/05/2026
Une vulnérabilité a été découverte dans Cisco Secure Workload. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Vulnérabilité dans Drupal (21 mai 2026)
21/05/2026
Une vulnérabilité a été découverte dans Drupal. Elle permet à un attaquant de provoquer une injection SQL (SQLi). L'éditeur précise que la vulnérabilité CVE-2026-9082 affecte uniquement les...