Toute l'actualité de la Cybersécurité
USN-8015-2: Linux kernel (Real-time) vulnerabilities
2026-02-04 20:52:36
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
...
USN-8016-1: Linux kernel (NVIDIA) vulnerabilities
2026-02-04 20:43:42
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
...
USN-8013-3: Linux kernel (Real-time) vulnerabilities
2026-02-04 20:32:31
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
...
USN-8013-2: Linux kernel (FIPS) vulnerabilities
2026-02-04 20:31:02
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
...
Taiwanese operator of Incognito Market sentenced to 30 years over 5M darknet drug ring
2026-02-04 19:23:26
A Taiwanese man was sentenced to 30 years for running Incognito Market, a major darknet drug site that sold over 5 million in illegal drugs. Rui-Siang Lin (24) was sentenced to 30 years in prison for...
USN-8015-1: Linux kernel vulnerabilities
2026-02-04 18:53:08
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
...
USN-8014-1: Linux kernel vulnerabilities
2026-02-04 18:36:31
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
...
USN-8013-1: Linux kernel vulnerabilities
2026-02-04 18:04:53
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- Cryptographic API;
...
Microsoft Develops Scanner to Detect Backdoors in Open-Weight Large Language Models
2026-02-04 17:52:00
Microsoft on Wednesday said it built a lightweight scanner that it said can detect backdoors in open-weight large language models (LLMs) and improve the overall trust in artificial intelligence (AI) systems.
The...
SystemBC Botnet Hijacked 10,000 Devices Worldwide to Use for DDoS Attacks
2026-02-04 17:48:02
The SystemBC malware family, a persistent threat first documented in 2019, has evolved into a massive botnet infrastructure controlling over 10,000 hijacked devices globally. Functioning primarily as...
CISA: VMware ESXi flaw now exploited in ransomware attacks
2026-02-04 17:38:46
CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was previously used in zero-day attacks. [...]
The Future of Dependency Management in an AI-Driven SDLC
2026-02-04 17:38:10
AI coding assistants now power a growing share of modern software delivery. They span the SDLC, helping teams move faster from idea to implementation, expanding what individual developers can...
PhantomVAI Custom Loader Uses RunPE Utility to Attack Users
2026-02-04 17:24:44
A sophisticated custom loader named PhantomVAI has emerged in global phishing campaigns, delivering various stealers and remote access trojans (RATs) to compromised systems. This malware loader operates...
DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files
2026-02-04 17:24:00
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass traditional...
Scale Computing unifie virtualisation et edge
2026-02-04 17:21:16
Créée en 2008 à Indianapolis pour simplifier l’hyperconvergence (HCI) dans les PME et les environnements (...)
Interlock Ransomware Actors New Tool Exploiting Gaming Anti-Cheat Driver 0-Day to Disable EDR and AV
2026-02-04 17:00:22
The Interlock ransomware group has emerged as a distinct threat in the cybersecurity landscape, particularly targeting the education sector in the United States and United Kingdom. Unlike many contemporary...
Reinforcement Learning on Non-Euclidean Spaces: Swarms, Spheres, and Hyperbolic RL
2026-02-04 17:00:22
Discover the emerging field of Reinforcement Learning (RL) on non-Euclidean spaces. Learn about stochastic policies using Bingham, spherical Cauchy, and hyperbolic latent representations.
A New Cyber-Insurance Model Uses Game Theory to Protect Smart Power Grids
2026-02-04 17:00:03
This paper proposes a mutual cyber-insurance framework for smart power grids that combines epidemic cyber-risk modeling, reliability analysis, and Shapley value pricing to fairly distribute losses while...
Detecting backdoored language models at scale
2026-02-04 17:00:00
We're releasing new research on detecting backdoors in open-weight language models and highlighting a practical scanner designed to detect backdoored models at scale and improve overall trust in AI systems.
The...
Supervised Learning for Swarms on Manifolds: Training Kuramoto Networks and Stochastic Optimization
2026-02-04 16:45:03
Master the training of swarm dynamics and Kuramoto networks for supervised ML. Explore Maximum Likelihood, Score Matching, and Evolutionary Optimization (CMA ES) on manifolds.
L'Anssi livre son bilan de la menace IA en 2025
2026-02-04 16:39:29
Si la montée en puissance de l'IA constitue une promesse de gains potentiels (temps, productivité...) pour les entreprises, elle (...)
False Negatives Are a New SOC Headache. Here's the Fast Way to Fix It
2026-02-04 16:37:08
False negatives are becoming the most expensive “quiet” failure in SOCs. In 2026, AI-generated phishing and multi-stage malware chains are built to look clean on the outside, behave normally at first,...
Swarms on Manifolds for Deep Learning: Training Kuramoto Models and Trajectory Learning
2026-02-04 16:30:02
Learn how to train Kuramoto models and swarms on manifolds for Deep Learning. Discover parameter estimation for wrapped Cauchy and von Mises distributions in trajectory learning.
Probabilistic ML on Grassmannians and Orthogonal Groups: Langevin and Bingham Matrix Models
2026-02-04 16:15:03
Master statistical ML on Grassmannians and orthogonal groups. Learn how matrix Bingham and matrix Langevin distributions derive from vMF spherical models.
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
2026-02-04 05:32:44
Alisa Viejo, United States, 4th February 2026, CyberNewsWire
The HackerNoon Newsletter: Cell Service Is Escaping Earth (2/4/2026)
2026-02-04 16:03:09
How are you, hacker?
🪐 What's happening in tech today, February 4, 2026?
The
HackerNoon Newsletter
brings the HackerNoon
...
How to Become a Pro at Researching and Reaching Out for Interviews
2026-02-04 16:00:22
Find good sources and don't play a game of telephone with your sources. Don't link to random articles that don't talk about your subject matter. Reach out to potential interview subjects by finding...
Hyperbolic Space Statistical Models: Geometric Deep Learning & Inference
2026-02-04 16:00:03
Discover how statistical models over hyperbolic spaces enable inference, sampling, and density estimation in Geometric Deep Learning for hierarchical data and word embeddings.
Mutuum Finance Crosses Major Funding Threshold as MUTM Hits 3x With Over .2M Raised
2026-02-04 15:49:48
Mutuum Finance (MUTM) is a new crypto specialized protocol designed to transform how people access decentralized credit. The token has seen a massive 300% surge in value. Mutuum Finance has officially...
MomentProof Deploys Patented Digital Asset Protection
2026-02-04 13:00:19
Washington, DC, 4th February 2026, CyberNewsWire
CISA warns of five-year-old GitLab flaw exploited in attacks
2026-02-04 15:42:31
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in attacks....
Paris raid on X focuses on child abuse material allegations
2026-02-04 15:23:02
French prosecutors raided X offices in Paris over illegal content; Elon Musk and CEO summoned for voluntary interviews in April. French prosecutors, with France's National Gendarmerie and Europol support,...
How I hacked a website just by looking at the source code Part-2
2026-02-04 15:09:01
This is a very easy P4 bug.Continue reading on InfoSec Write-ups »
Active Directory Lab for PenTest. Manual Deployment Guide
2026-02-04 15:08:07
This guide is a manual, step-by-step deployment of a GOAD-Mini Active Directory environment on VirtualBox/VagrantComplete Step-by-Step…Continue reading on InfoSec Write-ups »
All About OWASP Top 10 for Agentic AI Applications
2026-02-04 15:07:32
Hello Hackers, Hope you guys are doing well and hunting lots of bugs and Dollars!Today, we're diving deep into the “OWASP Top 10 for Agentic Applications 2026" a practical security framework...
This Mobile App Trusted My Phone More Than It Should Have ⚠️
2026-02-04 15:07:11
Free Link 🎈Continue reading on InfoSec Write-ups »
1. Web Cache Deception When Private User Data Becomes Public
2026-02-04 15:06:46
Free Article LinkContinue reading on InfoSec Write-ups »
Active Directory Penetration Testing
2026-02-04 15:06:23
A Deep Dive into GOAD-Mini Lab Assessment. Step-by-step guide.Continue reading on InfoSec Write-ups »
The Double-Edged Sword of Non-Human Identities
2026-02-04 15:05:15
Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows how exposed machine credentials quietly grant attackers long-term access to enterprise...
Proving Grounds Linux lab Levram ( Road to OSCP )
2026-02-04 15:05:09
We can achieve that by using various of tools and techniques to obtain foothold on the target, by using enumeration, scanning and other…Continue reading on InfoSec Write-ups »
How to Hack Swagger UI Complete Guide.
2026-02-04 15:04:11
Earn rewards using this simple method.Continue reading on InfoSec Write-ups »
I Followed the Password Reset Flow — and Ended Up Resetting Everyone's Password
2026-02-04 15:03:20
Hey there!😁Continue reading on InfoSec Write-ups »
Supply Chain Attack Abused Notepad++ Update Infrastructure to Deliver Targeted Malware
2026-02-04 15:01:41
The developers of Notepad++ disclosed a critical security breach on February 2, 2026, affecting their update infrastructure. The popular text editor, widely used by developers worldwide, became the target...
Infrastructure, sécurité et LLM principaux défis de l'IA selon Cisco
2026-02-04 15:00:27
En guise d’ouverture du Cisco AI Summit qui s’est tenu le 3 février dernier à San Francisco, Chuck Robbins, CEO de Cisco, a affirmé (...)
The Web3 UX Problem AI Agents Are Accidentally Solving
2026-02-04 15:00:02
Web3 has a dirty little secret that everyone knows but nobody wants to admit: it's basically unusable for normal humans. The truth is much more simple and uncomfortable: Web3 isn't hard for humans because...
Chinese Mustang Panda Used Fake Diplomatic Briefings to Spy on Officials
2026-02-04 14:58:25
A new spy campaign by Mustang Panda uses fake US diplomatic briefings to target government officials. Discover how this silent surveillance operation works.
GreyNoise tracks massive Citrix Gateway recon using 63K+ residential proxies and AWS
2026-02-04 14:49:36
GreyNoise spotted a dual-mode Citrix Gateway recon campaign using 63K+ residential proxies and AWS to find login panels and enumerate versions. Between Jan 28 and Feb 2, 2026, GreyNoise tracked a coordinated...
OT attacks surge as threat actors embrace cloud and AI, warns Forescout
2026-02-04 14:42:41
Cyberattacks targeting operational technology (OT) environments rose sharply in 2025, according to new research from Forescout, highlighting growing risks to critical infrastructure as attackers adapt...
AI Belongs Inside DataOps, Not Just at the End of the Pipeline
2026-02-04 14:32:37
As AI drives higher demands for speed, scale, and governance, human-driven data operations no longer hold up. This article argues that AI must move upstream into DataOps, where it can automate enforcement,...
ValleyRAT Mimic as LINE Installer Attacking Users to Steal Login Details
2026-02-04 14:19:54
A sophisticated malware campaign has surfaced where threat actors are distributing the ValleyRAT backdoor disguised as a legitimate installer for the popular messaging application, LINE. This targeted...
EDR killer tool uses signed kernel driver from forensic software
2026-02-04 14:17:45
Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in attempts to deactivate them. [...]
China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns
2026-02-04 14:09:00
Threat actors affiliated with China have been attributed to a fresh set of cyber espionage campaigns targeting government and law enforcement agencies across Southeast Asia throughout 2025.
Check Point...
Ransomware Damage To Cost The World B In 2026
2026-02-04 14:02:37
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Feb. 4, 2026 –Read the full story Cybersecurity Ventures publishes a chart at RansomwareCost.com containing...
New Amaranth Dragon cyberespionage group exploits WinRAR flaw
2026-02-04 14:00:00
A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 vulnerability in WinRAR in espionage attacks on government and law enforcement...
Kelly Hiscoe Recognized Among CRN 2026 Channel Chiefs for Innovation and Impact
2026-02-04 14:00:00
In 2026, security teams are still grappling with the challenges posed by expanding attack surfaces and persistent resource constraints. Together with the rapid onset of AI-driven threats, security leaders...
Grok continues producing sexualized images after promised fixes
2026-02-04 13:50:15
Journalists retested Grok and found it still generates offensive images even when told the subjects were vulnerable, non-consenting people.
Ubuntu 24.04 LTS Emacs Moderately Unsafe Code Execution Flaw USN-8011-1
2026-02-04 13:50:02
Several security issues were fixed in Emacs.
Codage agentique : le retour d'expérience de Spotify
2026-02-04 13:33:13
Spotify revient sur les étapes d'intégration d'une couche agentique dans son processus de maintenance logicielle.
The post Codage agentique : le retour d’expérience de Spotify appeared first...
Extra Extra! Announcing DR Global Latin America
2026-02-04 13:30:00
Dark Reading has something new hitting the newsstand: a content section purpose-built for Latin American readers, featuring news, analysis, features, and multimedia.
USN-8012-1: GitHub CLI vulnerabilities
2026-02-04 13:26:02
It was discovered that GitHub CLI could behave unexpectedly if users
downloaded a malicious GitHub Actions workflow artifact through gh run
download. An attacker could possibly use this issue to create...
Threat Actors Abuse Microsoft & Google Platforms to Attack Enterprise Users
2026-02-04 13:01:06
Enterprise security teams are facing a sophisticated new challenge as cybercriminals increasingly exploit trusted cloud platforms to launch phishing attacks. Instead of relying on suspicious newly registered...
Big Breach or Smooth Sailing? Mexican Gov't Faces Leak Allegations
2026-02-04 13:00:00
A hacktivist group claims a 2.3-terabyte data breach exposes the information of 36 million Mexicans, but no sensitive accounts are at risk, says government.
Microsoft rolls out native Sysmon monitoring in Windows 11
2026-02-04 12:58:20
Microsoft has started rolling out built-in Sysmon functionality to some Windows 11 systems enrolled in the Windows Insider program. [...]
CISA Warns of GitLab Community and Enterprise Editions SSRF Vulnerability Exploited in Attacks
2026-02-04 12:41:02
A critical GitLab vulnerability has been added to the Known Exploited Vulnerabilities (KEV) catalog. Threat actors are actively exploiting a server-side request forgery (SSRF) flaw in GitLab Community...
SUSE glib2 Important Buffer Underflow Buffer Overflow Vuln 2026-0373-1
2026-02-04 12:30:24
An update that solves three vulnerabilities can now be installed.
openSUSE 15.6 glib2 Important Buffer Overflow and Heap Access Patch
2026-02-04 12:30:24
An update that solves three vulnerabilities can now be installed.
SUSE Protobuf Moderate Threat Bypass CVE-2026-0994 Advisory 2026-0374-1
2026-02-04 12:30:19
An update that solves one vulnerability can now be installed.
Ubuntu 25 Alpha GRPC Enhanced Cycle Max Limit 2029-0689-4
2026-02-04 12:30:19
An update that solves one vulnerability can now be installed.
SUSE libvirt Security Fix CVE-2025-12748 Addresses Access Control Risk
2026-02-04 12:30:17
An update that solves two vulnerabilities and has one security fix can now be installed.
Hackers Using AI to Get AWS Admin Access Within 10 Minutes
2026-02-04 12:19:52
Threat actors leveraging artificial intelligence tools have compressed the cloud attack lifecycle from hours to mere minutes, according to new findings from the Sysdig Threat Research Team (TRT). In a...
Firefox is giving users the AI off switch
2026-02-04 12:07:50
Mozilla and other companies are starting to see why giving users a choice over AI features matters.
Orchid Security Introduces Continuous Identity Observability for Enterprise Applications
2026-02-04 11:58:00
An innovative approach to discovering, analyzing, and governing identity usage beyond traditional IAM controls.
The Challenge: Identity Lives Outside the Identity Stack
Identity and access management...
Microsoft enchaine les pannes Azure
2026-02-04 11:48:08
Après un gros souci en octobre dernier, les services Azure de Microsoft ont encore été affectés par des incidents avec (...)
Microsoft: Info-Stealing malware expands from Windows to macOS
2026-02-04 11:30:03
Microsoft warns info-stealing attacks are expanding from Windows to macOS, using cross-platform languages like Python and abusing trusted platforms. Microsoft warns info-stealing attacks are rapidly expanding...
AT&T à plein régime dans l'IA agentique
2026-02-04 11:29:43
AT&T n'est pas novice en matière d'IA. L'entreprise a investi massivement dans ses formes traditionnelles au fil des ans, les exploitant pour (...)
Owner of Incognito dark web drugs market gets 30 years in prison
2026-02-04 11:24:23
A Taiwanese man was sentenced to 30 years in prison for operating Incognito Market, one of the world's largest online narcotics marketplaces that sold over 5 million worth of illegal drugs to customers...
Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil
2026-02-04 11:00:00
Attackers could even have used one vulnerable Lookout user to gain access to other GCP tenants' environments.
KnowBe4 alerte sur les escroqueries amoureuses par deepfake visant les consommateurs à l'approche de la Saint-Valentin
2026-02-04 10:54:58
À l'approche de la Saint-Valentin, les experts en cybersécurité de KnowBe4 tirent la sonnette d'alarme face à une recrudescence sophistiquée d'escroqueries amoureuses dopées à l'intelligence...
Exposed AWS Credentials Lead to AI-Assisted Cloud Breach in 8 Minutes
2026-02-04 10:31:10
Researchers recently tracked a high-speed cloud attack where an intruder gained
full admin access in just eight minutes. Discover how AI automation and a simple
storage error led to a major security breach....
Zero Touch, blueprints, automatisation, la nouvelle gestion IT de 2026
2026-02-04 10:06:24
Finies les opérations manuelles, chronophages et silotées. En 2026, voici comment se passe le déploiement, la configuration et la gestion d'un cloud privé. Indice : vite et bien.
The post Zero Touch,...
The First 90 Seconds: How Early Decisions Shape Incident Response Investigations
2026-02-04 10:00:00
Many incident response failures do not come from a lack of tools, intelligence, or technical skills. They come from what happens immediately after detection, when pressure is high, and information is...
USN-8011-1: Emacs vulnerabilities
2026-02-04 09:51:13
It was discovered that Emacs could trigger unsafe Lisp macro expansion,
when a user invoked elisp-completion-at-point on untrusted Emacs Lisp
source code. An attacker could possibly use this issue to...
Notepad++ compromis : les spécificités d'une campagne en trois temps
2026-02-04 09:51:07
Attribuée à une APT chinoise, la campagne contre Notepad++ semble avoir connu trois phases... et autant de modes opératoires.
The post Notepad++ compromis : les spécificités d’une campagne...
Hugging Face enrôlé pour diffuser un malware Android
2026-02-04 09:42:29
Des chercheurs de Bitdefender Labs ont découvert une campagne de malware sur le site Hugging Face, hébergeant des outils IA ouverts (...)
Olivier Nautet devient RSSI d'Axa
2026-02-04 09:09:08
RSSI groupe de BNP Paribas depuis 2015, un portefeuille s'étendant aux fraudes numériques depuis 2021, Olivier Nautet rejoint Axa en tant (...)
Phishing Campaigns Abuse Trusted Cloud Platforms, Raising New Risks for Enterprises
2026-02-04 08:48:33
ANY.RUN experts report a surge in phishing campaigns abusing trusted cloud and CDN platforms to bypass security controls and target enterprise users.
Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers
2026-02-04 07:42:00
Microsoft has warned that information-stealing attacks are "rapidly expanding" beyond Windows to target Apple macOS environments by leveraging cross-platform languages like Python and abusing trusted...
Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions
2026-02-04 06:26:00
The Eclipse Foundation, which maintains the Open VSX Registry, has announced plans to enforce security checks before Microsoft Visual Studio Code (VS Code) extensions are published to the open-source...
CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
2026-02-04 05:50:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) to its Known Exploited Vulnerabilities (KEV) catalog,...
What Is SELinux? A Practical Take for Linux Admins
2026-02-04 03:31:19
Most of us meet SELinux when something breaks. A service won't start, a port won't bind, a perfectly reasonable file write gets blocked, and the quickest path back to green looks like turning it off....
Coinbase confirms insider breach linked to leaked support tool screenshots
2026-02-04 02:04:23
Coinbase has confirmed an insider breach after a contractor improperly accessed the data of approximately thirty customers, which BleepingComputer has learned is a new incident that occurred in December....
Why Smart People Fall For Phishing Attacks
2026-02-04 00:00:43
Why do successful phishing attacks target our psychology rather than just our software? Discover Unit 42's latest insights on defeating social engineering and securing your digital life.
The post Why...
List of 27 new domains
2026-02-04 00:00:00
.fr aquawin-fr[.fr] (registrar: Hostinger operations UAB)
arcteryx-outlet[.fr] (registrar: EPAG Domainservices GmbH)
casino-aquawin[.fr] (registrar: Hostinger operations UAB)
casinoboomerang[.fr] (registrar:...
Vulnérabilité dans Google Pixel (04 février 2026)
04/02/2026
Une vulnérabilité a été découverte dans Google Pixel. Elle permet à un attaquant de provoquer une élévation de privilèges.
Multiples vulnérabilités dans Google Chrome (04 février 2026)
04/02/2026
De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans Tenable Identity Exposure (04 février 2026)
04/02/2026
De multiples vulnérabilités ont été découvertes dans Tenable Identity Exposure. Elles permettent à un attaquant de provoquer un déni de service à distance et un problème de sécurité non spécifié...
Vulnérabilité dans les produits Moxa (04 février 2026)
04/02/2026
Une vulnérabilité a été découverte dans les produits Moxa. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Multiples vulnérabilités dans GLPI (04 février 2026)
04/02/2026
De multiples vulnérabilités ont été découvertes dans GLPI. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection SQL (SQLi)...