Toute l'actualité de la Cybersécurité
US and allied Governments' Recommendations: Securing Network Devices Against Russian APT Groups
2026-07-15 18:59:09
US and allies warn of Russian APT groups targeting routers and network devices to compromise critical infrastructure worldwide. The US and allied governments warn that Russian state-sponsored APT groups...
CVE-2026-15746 - Credential disclosure in Strands Agents Tools elasticsearch_memory tool
2026-07-15 18:49:07
Bulletin ID: 2026-056-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/15/2026 11:30 AM PDT
Description:
Strands Agents is an open-source Python SDK for building and...
TuxBot v3 Evolution Shows Signs of LLM-Assisted IoT Botnet Development
2026-07-15 18:43:08
Cybersecurity researchers have disclosed details of a previously unreported Internet-of-Things (IoT) botnet framework dubbed TuxBot v3 Evolution that shows signs of being developed with assistance from...
Hackers Expanding Destiny Stealer Across the US and Europe. Is Your Organization Ready to Defend?
2026-07-15 18:37:13
Destiny Stealer activity is rising across Europe and the US, putting corporate accounts, remote access, email data, and sensitive business information at risk. A single infected endpoint can expose passwords,...
Google Gemini CLI abused as a hacking agent, malware botnet operator
2026-07-15 18:33:48
A Russian-speaking threat actor known as "bandcampro" used Google's open-source Gemini CLI AI tool as a hacking agent and to operate a small-scale botnet. [...]
Guten Tag, Bonjour, Hola to Our European Cyber Defenders!
2026-07-15 18:08:56
We're thrilled to unveil the latest evolution of Dark Reading's DR Global section — your go-to source for region-specific cybersecurity intelligence beyond North America.
GPT-5.6 Sol Ultra Builds Full Chrome Exploit Chain From Security Patches
2026-07-15 17:52:29
OpenAI’s GPT-5.6 Sol Ultra model independently constructed a complete, working exploit chain for Google Chrome, using nothing but publicly available security patch commits as its starting point....
Hackers Abuse Shared Claude Chats and Google Ads to Deploy MacSync Stealer on macOS
2026-07-15 17:15:43
Threat actors are hijacking Anthropic’s Claude AI platform and Google Ads to trick Mac users into infecting themselves with a dangerous new information-stealing malware called MacSync Stealer, according...
Is 'Tech-xit' Imminent? UK Steps Up Sovereignty Push Amid AI Strife
2026-07-15 17:03:23
The US government's restrictions on Anthropic and OpenAI frontier models have intensified calls in the UK and other countries to reduce their reliance on US tech companies, with significant cyber implications....
Chaotic Eclipse Unveils LegacyHive Exploit Affecting Fully Patched Windows Systems
2026-07-15 16:57:55
LegacyHive PoC exposes a Windows Privilege Escalation flaw affecting fully patched Windows desktop and server systems. Just hours after Microsoft’s July 2026 Patch Tuesday, security researcher Nightmare...
Fake Céline Dion Paris Tickets Sold on Facebook and Ticketmaster Clones
2026-07-15 16:36:17
Group-IB says scammers are targeting Céline Dion fans through Facebook, duplicate digital tickets and fake websites impersonating Ticketmaster, AXS and the venue site.
Rapid7 MDR Team Discovers New SonicWall SMA1000 Zero Days being Actively Exploited (CVE-2026-15409, CVE-2026-15410)
2026-07-15 16:19:26
OverviewOn July 14, 2026, SonicWall published a security advisory addressing two vulnerabilities affecting SMA1000 Series remote access appliances, including the critical server-side request forgery (SSRF)...
Q&A: Businesses Are Running Out of Time to Prepare for the Quantum Threat, Warns Moona Ederveen-Schneider
2026-07-15 16:17:23
Moona Ederveen-Schneider is a cybersecurity expert (and Most Inspiring Woman in Cyber Award winner 2026) with more than 20 years of experience across financial services, risk and cyber resilience. She...
Turning threat intelligence into decisive action with Defender Experts
2026-07-15 16:00:35
Security teams have never had more visibility, yet rarely have they felt more uncertain. Signal pours in from endpoints, identities, cloud workloads, and a sprawling mix of third-party tools.
The post...
AsyncAPI npm packages infected with credential-stealing malware
2026-07-15 15:37:27
Five malicious versions of AsyncAPI packages were published to the Node Package Manager (npm) in a supply-chain attack that delivered a remote access trojan with info-stealing capabilities. [...]
OkoBot Malware Framework Injects Seed Phrase Phishing Into Ledger and Trezor Apps
2026-07-15 15:30:30
A malware framework called OkoBot has been running on Windows machines since April 2025, and one of its modules is built to con hardware wallet owners out of their recovery phrase.
On an infected PC,...
Claude Flaw Automatically Sends Malicious Prompts to AI Agents
2026-07-15 15:27:35
When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.
USN-8552-1: Sympa vulnerability
2026-07-15 14:50:01
It was discovered that Sympa did not properly validate input on the
generic SSO login. A remote attacker could possibly use this issue to
perform a path traversal attack and gain unintended access.
Critical Cursor 0-Day Flaw Allows Malicious Git Repos to Trigger Automatic Windows Code Execution
2026-07-15 14:37:44
A critical unpatched vulnerability in Cursor, the popular AI-powered code editor used by over 7 million developers, allows attackers to achieve arbitrary code execution on Windows systems. Simply opening...
Claude for Chrome flaw could let rogue extensions access your Gmail
2026-07-15 14:25:53
The ClaudeBleed vulnerability still lets malicious Chrome extensions abuse Claude for Chrome's permissions.
Insignary Launches Clarity On-Demand: SBOMs, No Annual Commitment Required
2026-07-15 13:00:06
Toronto, Canada, 15th July 2026, CyberNewswire
Hacker Used Gemini CLI to Build a Live C&C Botnet in 6 Minutes
2026-07-15 14:19:31
A Russian-speaking threat actor known as “bandcampro” has weaponized Google’s Gemini CLI AI agent to migrate, deploy, and operate a live command-and-control (C&C) botnet. Remarkably,...
USN-8551-1: Tomcat vulnerabilities
2026-07-15 14:15:28
It was discovered that Tomcat incorrectly handled authorization when
multiple method constraints defined the same HTTP method. A remote
attacker could possibly use this issue to bypass authorization
restrictions....
We built a vulnerability vending machine: AI tokens in, zero-days out
2026-07-15 14:01:11
Intruder built an AI-powered "vulnerability vending machine" that combines code slicing with LLMs to automatically discover complex software vulnerabilities. The company explains how the system found...
The TechBeat: The 10 Best AI Tools for SOC 2 Compliance in 2026 (7/15/2026)
2026-07-15 14:01:06
7/15/2026: Trending stories on Hackernoon today!
145 Blog Posts To Learn About C Sharp
2026-07-15 14:00:52
Learn everything you need to know about C Sharp via these 145 free HackerNoon blog posts.
Secure Boot : Microsoft a laissé durant 13 ans une faille fragilisant Windows et Linux
2026-07-15 14:00:07
Des chercheurs en sécurité ont dévoilé une faille majeure affectant depuis treize années le système Secure Boot de Microsoft. Censé protéger votre PC au démarrage contre les programmes malveillants,...
USN-8550-1: libslirp vulnerability
2026-07-15 13:59:22
It was discovered that libslirp incorrectly handled TCP urgent data. A
privileged attacker inside a guest VM could possibly use this issue to
obtain sensitive information from the host process memory.
Fondation OpenClaw : l'Europe largement exclue de la gouvernance
2026-07-15 13:57:50
Cherchant à renforcer son empreinte dans la gouvernance des fondations open source, l'Europe se retrouve largement écartée de celle constituée autour du projet OpenClaw.
The post Fondation OpenClaw...
US Charges Two “Bulletproof Hosting” Companies for Helping Hackers Steal Tens of Millions of Dollars
2026-07-15 13:54:46
The Department of Justice has unsealed an indictment in the Northern District of Ohio charging three Russian nationals and two Russia-based “bulletproof hosting” companies. The entities are...
Risk Ledger Raises M Led by Axiom Equity to Take Its Supply Chain Security Network to the US
2026-07-15 13:48:08
Risk Ledger raises M (£24M) led by Axiom Equity with Mercia Ventures to expand its 16,000-organisation supply chain security network into the US.
USN-8549-1: idna vulnerability
2026-07-15 13:46:50
It was discovered that idna did not properly reject oversized inputs before
performing expensive processing. An attacker could possibly use this issue
to cause idna to consume significant resources, leading...
Oracle Linux 9 Git-LFS Important Update ELSA-2026-39319 CVE-2026-33811
2026-07-15 13:42:08
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 9 libxml2 Low CVE-2025-6170 Advisory ELSA-2026-39317
2026-07-15 13:42:07
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 9 ELSA-2026-39316 Cups Moderate Control Character Injection
2026-07-15 13:42:05
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 9 libsolv Moderate Buffer Overflow Advisory ELSA-2026-39315
2026-07-15 13:42:03
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 9 qemu-kvm Low Heap Overflow Fix ELSA-2026-39311
2026-07-15 13:42:02
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 9 Kernel Important Security Issues ELSA-2026-36645
2026-07-15 13:41:58
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle Linux PackageKit Important CVE-2026-41651 Update ELSA-2026-19354
2026-07-15 13:41:56
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 8 python3-pillow Important Threat Advisory ELSA-2026-39127
2026-07-15 13:41:47
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 8 ELSA-2026-39083 Kernel Important Security Update
2026-07-15 13:41:45
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 8 nginx Important Denial of Service Fix ELSA-2026-38847
2026-07-15 13:41:43
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Oracle Linux 8 Kernel Important Bug Fix Advisory ELSA-2026-36349
2026-07-15 13:41:41
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Oracle glibc Moderate Buffer Overflow Advisory ELSA-2026-33126
2026-07-15 13:41:39
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
Pulse Security Debuts Operational Management Platform Built for Security Leaders
2026-07-15 13:35:08
San Francisco, United States, 15th July 2026, CyberNewswire
Firefox, Chrome, Adobe, and VMware Updates Fix Multiple Critical Security Flaws
2026-07-15 13:18:53
Mozilla has released updates to address two critical flaws in Firefox for which it warned that exploit code has been published.
The vulnerabilities are listed below -
CVE-2026-15718, an invalid pointer...
Russian-Speaking Hacker Uses Gemini CLI to Deploy C2 Botnet in Six Minutes
2026-07-15 13:16:00
A Russian-speaking threat actor tracked as “bandcampro” used Google Gemini CLI as an end-to-end operational assistant to migrate a command-and-control server, deploy a replacement VPS, configure Cloudflare...
Cloud hybride : une décision de maîtrise, pas un choix technique
2026-07-15 13:14:07
Le cloud hybride n'est ni une version édulcorée du cloud public, ni une simple stratégie multi-fournisseurs. C'est un choix de maîtrise pour les organisations qui doivent avancer sur l'IA,...
Windows Privilege Escalation: SeTcbPrivilege
2026-07-15 13:03:26
Overview SeTcbPrivilege — formally “Act as part of the operating system” — is one of the most powerful Windows privileges in existence. It grants the
The post Windows Privilege Escalation:...
Investigating Persistence Mechanisms in AWS
2026-07-15 13:00:00
OverviewIn the cloud, your infrastructure may be short-lived, but an attacker's persistence doesn't have to be. While your environment scales and changes in seconds, adversaries are embedding themselves...
2-Click Cursor Exploit Enables Dev Environment Takeover
2026-07-15 13:00:00
Simple age-old bugs give bad actors access to developers' secrets and source code-rich environments.
Daemon Fairless, Host Of “Hunting Warhead”, On The Cybercrime Magazine Podcast
2026-07-15 12:51:05
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jul. 15, 2026 – Listen to the podcast Hunting Warhead is an award-winning investigative true-crime podcast...
OkoBot Malware Uses ClickFix and SeedHunter to Steal Ledger and Trezor Seed Phrases
2026-07-15 12:46:03
A newly documented malware framework dubbed OkoBot is targeting cryptocurrency users with a multi-stage intrusion chain designed to capture Ledger and Trezor recovery phrases, browser credentials, wallet...
Microsoft Blocks Windows 11 Security Update on Dell PCs Over Intel Driver Causing Shutdowns and Battery Drain
2026-07-15 12:43:06
Microsoft has temporarily halted delivery of the July 14, 2026, Windows 11 security update to a limited number of Dell devices due to an incompatibility with an Intel driver that causes significant stability...
Multiple Dell PowerProtect Vulnerabilities Allow Hackers to Gain Full System Access Remotely
2026-07-15 12:37:54
Dell has released security updates to address multiple critical vulnerabilities in its PowerProtect Data Domain products that could allow an unauthenticated remote attacker to gain complete control of...
PromptFiction Flaw Auto-Submitted Hidden Prompts in Claude Desktop
2026-07-15 12:29:42
A one-click Claude Desktop flaw allowed attackers to submit concealed instructions without review, exposing chats and enabling code execution on some systems remotely.
3 Russian Nationals Indicted for Running Bulletproof Hosting Network Behind Million Cyberattacks
2026-07-15 12:26:23
Three Russian nationals and two St. Petersburg-based companies have been indicted in the United States for allegedly operating a bulletproof hosting network that facilitated ransomware, malware, phishing,...
July 2026 Patch Tuesday fixes 622 Microsoft CVEs, including three zero-days
2026-07-15 12:21:11
Microsoft's July 2026 Patch Tuesday sets yet another record, fixing 622 Microsoft CVEs—three times as many as last month.
Multiple Windows RDP Vulnerabilities Allow Attackers to Access Sensitive Data
2026-07-15 12:18:31
Microsoft has released security updates to address a series of information disclosure vulnerabilities in the Windows Remote Desktop Protocol (RDP). These vulnerabilities could allow attackers to read...
Hackers Abuse FaceTime Calls to Impersonate Banks and Hijack Victims' Accounts
2026-07-15 12:15:05
Apple has issued a security advisory warning iPhone and iPad users to treat unexpected FaceTime calls with the same scrutiny as standard phishing emails. A newly tracked wave of social engineering scams...
USN-8548-1: Linux kernel vulnerabilities
2026-07-15 12:07:51
It was discovered that a logic flaw existed in the XFRM ESP-in-TCP
subsystem in the Linux kernel when handling socket buffer fragments. This
flaw is known as Fragnesia. A local attacker could use this...
Helping small businesses with free, hands-on cyber consultancy
2026-07-15 12:00:00
Cyber Advisors are offering free 30-minute consultations to help small businesses get started with cyber security.
Microsoft's July 2026 Patch Tuesday fixes 622 flaws and 2 exploited zero-days
2026-07-15 11:56:59
Microsoft's July 2026 Patch Tuesday fixes 622 CVEs, including exploited AD FS and SharePoint flaws, plus the disclosed BitLocker bypass requiring urgent action.
AsyncAPI npm Supply Chain Attack: Malware Injected Into Packages With 2 Million Weekly Downloads
2026-07-15 11:55:46
AsyncAPI npm packages with 2M weekly downloads were compromised, spreading malware with info-stealing, crypto-theft and RAT capabilities. OX Security researchers disclosed on July 14 that the AsyncAPI...
SASE Has An AI Blind Spot. Inspecting Packets Is No Longer Enough.
2026-07-15 11:50:01
For years, routing traffic through cloud proxies was good enough. Then work moved to the browser, AI entered the workflow, and the inspection model stopped keeping up.
Enterprise workflows now live across...
LabubaRAT Rust Malware Masquerades as NVIDIA Software to Backdoor Windows Systems
2026-07-15 11:41:46
A previously undocumented Rust-based remote access trojan, dubbed LabubaRAT, which masquerades as legitimate NVIDIA software to establish persistent access on Windows systems. The malware was identified...
Proton Launches Business Continuity Service to Keep Firms Communicating Through Outages
2026-07-15 11:37:03
Swiss encrypted communications provider Proton has launched a dedicated business continuity service, aimed at helping organisations keep email and video communications running when their primary IT infrastructure...
Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday
2026-07-15 11:07:07
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse) has released a new proof-of-concept (PoC) exploit called LegacyHive.
It has been described as a Windows User Profile Service arbitrary hive...
New Webinar: Closing the Approval Gap in AI-Era Ad Tech
2026-07-15 11:06:57
A single approved marketing tag can quietly load fourth-party code your security team has never seen, granting full access to your forms, customer data, and checkout pages.
This on-demand webinar reveals...
USN-8547-1: Linux kernel vulnerabilities
2026-07-15 10:59:34
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- RISC-V architecture;
...
Cursor Flaw Lets Malicious Cloned Repositories Trigger Windows Code Execution
2026-07-15 10:55:22
Open a repository in Cursor on Windows and, if a file named git.exe is sitting in the project root, Cursor runs it. No click, no approval dialog, no warning that anything in the folder...
U.S. CISA adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog
2026-07-15 10:49:45
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall and Microsoft flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency...
Dell Warns of Critical PowerProtect Data Domain Flaws Allowing Remote Attackers to Take Complete Control
2026-07-15 10:30:18
Dell has recently disclosed two critical vulnerabilities in PowerProtect Data Domain appliances that could allow unauthenticated remote attackers to gain complete control of affected systems. These vulnerabilities...
Ce que risque la France pour ne pas avoir transposé NIS 2
2026-07-15 10:30:00
Bruxelles traîne la France devant la CJUE pour son retard sur NIS 2, avec à la clé une amende forfaitaire et des astreintes journalières.
The post Ce que risque la France pour ne pas avoir transposé...
11 Malicious NuGet Game Cheat Packages Deploy Pepesoft Windows Surveillance Malware
2026-07-15 10:03:46
11 malicious NuGet packages masquerading as game cheats, automation bots, and management “panels” that deploy a Windows payload called pepesoft.exe. The packages were published as .NET command-line...
TuxBot v3: Inside an IoT Botnet Framework With LLM-Assisted Development
2026-07-15 10:00:54
TuxBot v3 Evolution, an IoT botnet framework built with LLMs. Read our analysis of its cross-compiled binaries, C2 architecture and bugs.
The post TuxBot v3: Inside an IoT Botnet Framework With LLM-Assisted...
CISA warns admins to patch actively exploited SharePoint flaws
2026-07-15 09:44:52
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Tuesday that attackers are actively exploiting three vulnerabilities to hack Internet-exposed on-premises SharePoint Server instances....
L'IA, refrain douloureux pour IBM
2026-07-15 09:38:43
Nouvelle journée noire en Bourse pour IBM, dont l'activité mainframe souffre des réallocations de budgets consécutives à la « course à l'IA ».
The post L’IA, refrain douloureux pour IBM...
140 millions d'euros volés par des arnaques en ligne en Europe : la police démantèle un réseau criminel tentaculaire
2026-07-15 09:21:22
La Police nationale espagnole a démantelé un vaste réseau de cybercriminels. Cette organisation tentaculaire est responsable du vol de 140 millions d'euros dans plusieurs pays européens. Quatre escrocs...
Compromised AsyncAPI npm Packages Deliver Multi-Stage Botnet Malware
2026-07-15 09:16:13
Four compromised npm packages in the @asyncapi namespace have been observed distributing a multi-stage botnet loader, according to findings from OX Security, SafeDep, Socket, and StepSecurity.
The affected...
First VPN santionné par la justice américaine
2026-07-15 09:03:01
Un VPN connu et deux internautes accusés de soutenir des groupes de rançongiciel.
SheetAgent RAT Runs 14 Virtual Machine Checks and Self-Deletes When Analysis Is Detected
2026-07-15 09:02:34
A threat campaign targeting Indian government job seekers is using a recruitment notice for Senior Field Officer positions in the Cabinet Secretariat as a lure to deploy a custom remote access Trojan,...
Top Prediction Market Projects in 2026: From Polymarket to the MEXC Combo Paradigm Shift
2026-07-15 09:02:05
Explore top prediction market projects in 2026, from Polymarket and Kalshi to MEXC Combo and multi-event capital efficiency.
This fake Apple app can unlock your Mac’s password vault
2026-07-15 08:42:03
Disguised as Apple's CrashReporter, CrashStealer steals passwords, browser data, crypto wallets, and other sensitive information.
Doxbin : un faux administrateur condamné au pays de Galles
2026-07-15 08:35:24
Un jeune internaute condamné pour swatting avait usurpé l'identité du véritable administrateur d'un site pirate.
AI's Physical Constraints: How AI Rewired the Data Center
2026-07-15 08:30:51
Explore the five physical limits reshaping AI data centers—from GPU shortages and memory constraints to power, cooling, and grid capacity.
Designing High-Availability Identity Systems Processing Billions of API Calls
2026-07-15 08:30:48
Explore how high-availability identity systems handle billions of API calls with scalable architecture, resilience, security, and reliability.
USN-8546-1: Linux kernel (Raspberry Pi) vulnerabilities
2026-07-15 08:26:52
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
...
Microsoft: Some Dell PCs shut down after recent Windows updates
2026-07-15 08:26:48
Microsoft is blocking this month's Windows 11 security updates on some Dell devices because they are causing shutdowns and performance issues. [...]
The Analyst Trying to Make Enterprise Data Actually Useful
2026-07-15 08:15:22
Discover how Uday Surendra's IEEE research explores cloud-native analytics that unify fragmented enterprise data to improve forecasting and decision-making.
Your Shot List Was Built for a Human Crew. AI Video Generation Needs a Different Document.
2026-07-15 08:09:24
Traditional shot lists assume a crew with memory. AI video models have none. Here is the shot list format that actually survives generation.
Network Discipline: Prioritizing Messages on Constrained Backhaul (Linx + Gateway Patterns)
2026-07-15 08:09:11
Field-tested Linx priority queueing and gateway patterns for the SpecFive Ranger — keeping critical messages alive when backhaul bandwidth runs thin.
AI Is Forcing Us to Rethink the Economic Operating System
2026-07-15 08:05:56
As AI reshapes work, UBI should be seen less as charity and more as human infrastructure for stability, learning, and adaptation.
Vous retardez vos mises à jour Windows ? Microsoft épingle cette mauvaise habitude pour une bonne raison
2026-07-15 08:03:38
Repousser la mise à jour Windows du mardi soir, c'était presque un art de vivre. Microsoft vient d'y mettre fin : trois jours de délai maximum, parce que les pirates ont désormais une IA plus rapide...
Why AI Agents Fail on Messy Enterprise Data
2026-07-15 08:03:08
Real-world data is messy, and it is causing your AI agents to fail silently. Discover the structural engineering fixes needed to handle chaotic data at scale.
Un hébergeur russe au cœur d'un réseau cybercriminel
2026-07-15 08:02:35
Washington accuse la société Media Land d'avoir fourni l'infrastructure ayant soutenu rançongiciels, phishing et fraude.
SonicWall warns of active exploitation of two SMA 1000 zero-days
2026-07-15 08:02:20
SonicWall warns of active attacks exploiting two SMA 1000 zero-days, including a flaw enabling arbitrary command execution. SonicWall confirmed the active exploitation of two zero-day vulnerabilities...
Your Ledger Stores Balances. I Built One That Stores Intentions.
2026-07-15 08:01:43
A blockchain ledger records who owns what. I built one that records what each unit was given for, as a consensus rule, with spending gated by on-chain proof
Fluke - 821,100 breached accounts
2026-07-15 08:01:04
In July 2026, electronic test and measurement equipment company Fluke was targeted in a ShinyHunters "pay or leak" extortion campaign. The group subsequently published more than 100GB of data allegedly...
Open Source, Open Infrastructure, and the Space Between
2026-07-15 08:00:01
When good infrastructure works, most people do not think about it. They might even forget. But when it stops working, everyone notices.
Nigeria Deepens Cybersecurity Efforts as Cybercriminals See More Profits
2026-07-15 08:00:00
The West African country advanced rules to force organizations to disclose cyberattacks, joining other nations in a shift to mandated transparency.
USN-8545-1: Linux kernel (HWE) vulnerabilities
2026-07-15 07:57:03
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
- ARM64 architecture;
...
US charges alleged operators of Russian bulletproof hosting service
2026-07-15 07:45:50
U.S. federal prosecutors have unsealed charges against three Russian nationals, accusing them of providing bulletproof hosting (BPH) services to ransomware gangs that caused over million in damages...
FaceTime Scammers Combine Credential Theft, Remote-Access Apps, and iOS Exploits for Device Takeover.
2026-07-15 07:21:09
Apple-focused scam operations are increasingly using FaceTime as a high-trust social-engineering channel to steal credentials and, in higher-risk cases, prepare victims for device compromise. Apple said...
Microsoft Fixes Multiple Windows RDP Flaws Exposing Sensitive Data Over the Network
2026-07-15 07:03:10
Microsoft has addressed multiple information-disclosure vulnerabilities in the Windows Remote Desktop Protocol (RDP). This widely used service enables remote administration and access to Windows systems....
Nouveau record pour Windows : Microsoft corrige 570 failles de sécurité avec un seul Patch Tuesday
2026-07-15 07:00:47
Microsoft vient de corriger 570 failles de sécurité dans Windows. C'est un nouveau record absolu. Pour débusquer toutes ces failles, Microsoft s'est servi de l'intelligence artificielle. Parmi elles,...
Two Joomla Extensions Hit by Zero-Day File Upload Attacks Before Patches Landed
2026-07-15 06:19:24
CISA added CVE-2026-48939 and CVE-2026-56291 to its Known Exploited Vulnerabilities catalog after automated attackers exploited file upload flaws in iCagenda and Balbooa Forms weeks before either bug...
11 Old Signed UEFI Shims Just Broke Secure Boot on Millions of PCs
2026-07-15 06:06:49
ESET found 11 Microsoft-signed UEFI shims, some over a decade old, that let attackers bypass Secure Boot without a single new exploit.
11 Old Signed UEFI Shims Just Broke Secure Boot on Millions of PCs...
Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
2026-07-15 05:30:21
SonicWall has warned of active exploitation of two zero-day vulnerabilities impacting Secure Mobile Access (SMA) 1000 series appliances, one of which could be exploited to achieve arbitrary command execution.
The...
Goose Creek - 6,574,121 breached accounts
2026-07-15 05:03:14
In June 2026, a party claiming to have access to data from Goose Creek Candle Company sent emails to a number of the company's customers, claiming the company had a security vulnerability and suffered...
Cribl Adds Agentic Detection Engineering & Boosts SecOps With CardinalOps Deal
2026-07-15 00:05:31
CardinalOps will give Cribl customers the ability to map detection rules and security controls to the MITRE ATT&CK framework. SecOps teams can identify coverage gaps and operationalize threat intelligence....
List of 135 new domains
2026-07-15 00:00:00
.fr abukingcasino[.fr] (registrar: PDR Ltd. d/b/a PublicDomainRegistry.com)
active-recharge[.fr] (registrar: Hostinger operations UAB)
amunracasinoo[.fr] (registrar: PDR Ltd. d/b/a PublicDomainRegistry.com)
banzai-casino-fr[.fr]...
Multiples vulnérabilités dans Microsoft Edge (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et...
Multiples vulnérabilités dans Microsoft Office (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Microsoft Office. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges...
Multiples vulnérabilités dans Microsoft Windows (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Microsoft Windows. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation...
Multiples vulnérabilités dans Microsoft .Net (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Microsoft .Net. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation...
Multiples vulnérabilités dans Microsoft Azure (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Microsoft Azure. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et...
Multiples vulnérabilités dans les produits Microsoft (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation...
Multiples vulnérabilités dans Microsoft Azure Linux (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Microsoft Azure Linux. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans Google Chrome (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans Sonicwall Secure Mobile Access 1000 (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Sonicwall Secure Mobile Access 1000. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et une falsification...
Multiples vulnérabilités dans Apache Tomcat (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Apache Tomcat. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et un problème de sécurité non...
Multiples vulnérabilités dans les produits SAP (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte...
Vulnérabilité dans Veeam Backup & Replication (15 juillet 2026)
15/07/2026
Une vulnérabilité a été découverte dans Veeam Backup & Replication. Elle permet à un attaquant de provoquer une élévation de privilèges.
Multiples vulnérabilités dans les produits Fortinet (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans les produits Fortinet. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de privilèges...
Multiples vulnérabilités dans les produits Siemens (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation...
Vulnérabilité dans Schneider Electric EcoStruxure (15 juillet 2026)
15/07/2026
Une vulnérabilité a été découverte dans Schneider Electric EcoStruxure. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Vulnérabilité dans ESET Inspect Connector (15 juillet 2026)
15/07/2026
Une vulnérabilité a été découverte dans ESET Inspect Connector. Elle permet à un attaquant de provoquer une élévation de privilèges.
Multiples vulnérabilités dans Progress LoadMaster (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Progress LoadMaster. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique...
Vulnérabilité dans Xen XAPI (15 juillet 2026)
15/07/2026
Une vulnérabilité a été découverte dans Xen XAPI. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Multiples vulnérabilités dans les produits Citrix (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans les produits Citrix. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité...
Vulnérabilité dans Tenable Nessus Agent (15 juillet 2026)
15/07/2026
Une vulnérabilité a été découverte dans Tenable Nessus Agent. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité....
Multiples vulnérabilités dans Mozilla Firefox (15 juillet 2026)
15/07/2026
De multiples vulnérabilités ont été découvertes dans Mozilla Firefox. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et un problème de sécurité non...