Toute l'actualité de la Cybersécurité
A security flaw at DavaIndia Pharmacy allowed attackers to access customers' data and more
2026-02-16 19:22:06
A security flaw at DavaIndia Pharmacy exposed customer data and gave outsiders full admin control of its systems. DavaIndia is a large Indian pharmacy retail chain focused on selling affordable generic...
Eurail says stolen traveler data now up for sale on dark web
2026-02-16 19:19:09
Eurail B.V., the operator that provides access to 250,000 kilometers of European railways, confirmed that data stolen in a breach earlier this year is being offered for sale on the dark web. [...]
Man arrested for demanding reward after accidental police data leak
2026-02-16 19:13:39
Dutch authorities arrested a 40-year-old man after he downloaded confidential documents that had been mistakenly shared by the police and refused to delete them unless he received "something in return."...
Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens
2026-02-16 18:43:00
Cybersecurity researchers disclosed they have detected a case of an information stealer infection successfully exfiltrating a victim's OpenClaw (formerly Clawdbot and Moltbot) configuration environment.
"This...
Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers
2026-02-16 18:06:00
A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions.
"The attacks range...
Operation DoppelBrand: Weaponizing Fortune 500 Brands
2026-02-16 18:05:55
The GS7 cyberthreat group targets US financial institutions with near-perfect imitations of corporate portals to steal credentials and gain remote access.
Noodlophile Malware Creators Evolve Tactics with Fake Job Postings and Phishing Lures
2026-02-16 17:57:53
The Noodlophile information stealer, originally uncovered in May 2025, has significantly evolved its attack strategies to bypass security measures. Initially, this malware hid behind deceptive advertisements...
Infostealer malware found stealing OpenClaw secrets for first time
2026-02-16 17:32:26
With the massive adoption of the OpenClaw agentic AI assistant, information-stealing malware has been spotted stealing files associated with the framework that contain API keys, authentication tokens,...
Pour ses agents IA, OpenAI recrute le créateur d'OpenClaw
2026-02-16 17:24:39
En quête d'un responsable de l'IA agentique, OpenAI a trouvé la personne idéale. Il vient en effet d'embaucher Peter Steinberg, créateur (...)
Beware of Fake Shops from Threat Actors to Attack Winter Olympics 2026 Fans
2026-02-16 17:19:51
Cybercriminals are targeting fans of the Milano Cortina 2026 Winter Olympics through an extensive network of fake online merchandise stores designed to steal payment information and personal data from...
WinCalls, l'anti-arnaques qui coupe avant la sonnerie
2026-02-16 17:15:34
WinCalls bloque les appels indésirables et usurpation en local, avec règles ARCEP, NPV, masqués, étranger....
Evaluating 5 Best Security Platforms for Hybrid Cloud Environments
2026-02-16 17:13:10
Securing a hybrid cloud environment can be complex. As workloads move to on-premises data centers…
Evaluating 5 Best Security Platforms for Hybrid Cloud Environments on Latest Hacking News | Cyber...
Top 5 Software Development Companies for Law Firms
2026-02-16 17:02:53
Law firms don't just need “an app.” They need secure, permission-based systems that protect client…
Top 5 Software Development Companies for Law Firms on Latest Hacking News | Cyber Security...
Meet Twilio Segment: HackerNoon Company of the Week
2026-02-16 17:00:04
Twilio Segment is a customer data platform (CDP) that helps you collect, clean, and activate your customer data.
Une panne de stockage empêche les collectivités locales de gérer leurs comptes
2026-02-16 16:38:03
Depuis le 5 février, plusieurs collectivités locales et certains établissements hospitaliers sont dans l’incapacité de (...)
Single IP Dominates Exploitation Campaign Attacking Ivanti EPMM with RCE Vulnerability
2026-02-16 16:10:40
A critical remote code execution (RCE) flaw in Ivanti Endpoint Manager Mobile (EPMM), tracked as CVE-2026-1281, is being heavily exploited. GreyNoise shows that 83% of observed attacks come from a single...
Ces robots aspirateurs pouvaient transmettre des vidéos et cartographies de l'intérieur des maisons !
2026-02-16 16:03:38
Une faille de sécurité majeure a permis l'accès à distance à des milliers d'aspirateurs robots connectés Romo de la marque DJI. Au-delà du l'exploit involontaire d'un informaticien, c'est...
De la BI à la DI, un glissement surtout terminologique ?
2026-02-16 16:03:19
Le premier Magic Quadrant de la DI (decision intelligence) réunit 17 fournisseurs, dont 3 classés dans celui de la BI.
The post De la BI à la DI, un glissement surtout terminologique ? appeared first...
Joomla Novarain/Tassos Framework Vulnerabilities Enables SQL injection and Unauthenticated File Read
2026-02-16 15:50:36
Websites running the Novarain/Tassos Framework are vulnerable to critical security flaws that allow unauthenticated file read, file deletion, and SQL injection attacks, potentially leading to remote code...
Faille critique zero-day dans Chrome : l'action urgente que Google demande de faire soi-même
2026-02-16 15:23:15
Voici la première faille zero-day du millésime 2026 pour Google Chrome et elle est déjà exploitée par les pirates. Autant dire qu'il est urgent d'appliquer la toute nouvelle mise à jour critique...
Des cybercriminels pillent les capacités de raisonnement de Gemini
2026-02-16 15:16:49
Un rapport trimestriel sur les menaces publié par le Threat Intelligence Group de Google met en avant une campagne impliquant plus de 100 000 prompts (...)
{ Tribune Expert } – L'IA au travail : détecter les menaces, sécuriser les usages
2026-02-16 15:15:14
L'IA générative est devenue un outil clé dans le monde professionnel, mais elle expose les entreprises à de nouveaux risques cyber. Voici quelques risques et solutions possibles.
The post { Tribune...
Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era
2026-02-16 15:02:12
Password-based authentication is increasingly risky as organizations adopt passkeys to strengthen security and meet ISO/IEC 27001 requirements. Passwork explains how to align passwordless adoption with...
ShinyHunters leaked 600K+ Canada Goose customer records, but the firm denies it was breached
2026-02-16 15:01:23
ShinyHunters leaked 600,000+ Canada Goose customer records, though the company insists its systems were not breached. Data extortion group ShinyHunters has published over 600,000 Canada Goose customer...
Hackers Can Weaponize ‘Summarize with AI' Buttons to Inject Memory Prompts Into AI Recommendations
2026-02-16 14:59:46
A new security threat has emerged targeting users of AI assistants through a technique called AI Recommendation Poisoning. Companies and threat actors embed hidden instructions in seemingly harmless “Summarize...
GPT-5.3 Codex vs. Claude Opus 4.6: Which Coding Assistant Should New Developers Choose?
2026-02-16 14:59:42
This hands-on comparison tests GPT-5.3 Codex and Claude Opus 4.6 across app building, debugging, and architectural review to determine which AI coding assistant better supports beginner developers. Codex...
An Image Engineer's Notes, Part 2: Good Image Quality Starts with "Light"
2026-02-16 14:34:45
Optical system is the first gatekeeper of image quality, yet it is also the most easily overlooked bottleneck. Even the most advanced algorithms are like building a skyscraper on quicksand—inefficient...
Caleb's Vein: The Fungus That Changed the Solar System
2026-02-16 14:24:37
Caleb Morse is the last registered owner of Shaft 19-B, a nickel hole the survey crews wrote off as dead. He found a narrow seam of black shale nobody had ever logged, threaded with pale fibers that glowed...
Refactoring 038: Reifying Collections for Type Safety
2026-02-16 14:20:37
Passing raw arrays or lists across your system leads to duplicated logic, weak encapsulation, and hidden business rules. By reifying collections into dedicated, type-safe objects, you align your code...
New Clickfix Variant ‘Matryoshka' Attacking Users to Deploy macOS Stealer Malware
2026-02-16 14:11:48
A sophisticated social engineering campaign targeting macOS users has emerged, deploying a dangerous stealer malware through an evolved version of the ClickFix attack technique. Named “Matryoshka”...
USN-8044-1: alsa-lib vulnerability
2026-02-16 14:01:32
It was discovered that alsa-lib incorrectly handled the topology mixer
control decoder. A local attacker could use a specially crafted topology
file to cause alsa-lib to crash, resulting in a denial of...
Pourquoi Peter Steinberger quitte OpenClaw pour OpenAI
2026-02-16 14:00:31
Le créateur de l'agent IA open-source rejoint les équipes de Sam Altman pour développer la prochaine génération d'agents. Un recrutement stratégique qui confirme l'offensive d'OpenAI sur ce segment.
The...
260K+ Chrome Users Duped by Fake AI Browser Extensions
2026-02-16 14:00:00
30 copycat apps tricked users, and Google itself, into thinking they're legitimate AI tools.
Ransomware Threatens SMBs. Cyberinsurance Isn't Always A Financial Backstop.
2026-02-16 13:57:11
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Feb. 16, 2026 –Read the full story in Forbes Cybercriminals are no longer concentrating their efforts on large...
USN-8043-1: GnuTLS vulnerabilities
2026-02-16 13:53:33
Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious
certificates containing a large number of name constraints and subject
alternative names. A remote attacker could possibly use this...
Maintaining DKIM Integrity for Linux-Based Email Servers in Operation
2026-02-16 13:39:37
If you run Postfix, Exim, or OpenSMTPD on Linux, DKIM is already your problem. The private key lives on your box. If that key leaks or signing stops, your domain reputation moves without you.
LockBit's New 5.0 Version Attacking Windows, Linux and ESXI Systems
2026-02-16 13:39:33
A dangerous new version of LockBit ransomware has emerged, targeting multiple operating systems and threatening businesses worldwide. LockBit 5.0, released in September 2025, represents a major upgrade...
Ubuntu 24.04 LTS USN-8025-2 .NET Critical Bypass CVE-2026-21218
2026-02-16 13:32:55
.NET could be made to bypass security features.
Ubuntu 24.04 LTS Expat Critical Denial of Service USN-8022-2 CVE-2026-24515
2026-02-16 13:32:36
Several security issues were fixed in Expat.
IDS vs IPS: Blocking Traffic with Snort (Risks, Rules, and Reality)
2026-02-16 13:32:29
Intrusion detection and prevention systems are often treated as interchangeable. IPS is often described as IDS with blocking turned on. That sounds simple, but the moment traffic runs inline, mistakes...
Palo Alto Networks Completed Acquisition of Identity Security Firm CyberArk
2026-02-16 13:28:00
Palo Alto Networks has finalized its acquisition of CyberArk, a leading identity security firm, in a landmark billion deal. This completion, announced on February 11, 2026, positions identity security...
ClickFix added nslookup commands to its arsenal for downloading RATs
2026-02-16 13:09:37
Microsoft researchers found a ClickFix campaign that uses the nslookup tool to have users infect their own system with a Remote Access Trojan.
Gold, Pride, and a Locked Door: A Son's Final Goodbye
2026-02-16 13:00:02
In Chapter II, Henry Ivraine confronts his miserly father over money, dignity, and a life of emotional captivity at Paradise estate. Refusing to endure further humiliation, he walks away from wealth and...
How I Removed a Rogue "u######" Service Hiding in DcomLaunch
2026-02-16 12:59:00
A friend's laptop became noticeably slow and she asked me to take a look. What I found was a specific persistence pattern: a randomly named Windows service. I turned the manual steps into a single workflow...
Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware
2026-02-16 12:55:00
This week's recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely...
New ZeroDayRAT Attacking Android and iOS For Real-Time Surveillance and Data Theft
2026-02-16 12:33:38
ZeroDayRAT is a new mobile spyware platform sold openly through Telegram, with activity first observed on February 2, 2026. It targets Android (5–16) and iOS (up to 26), giving attackers one cross-platform...
CISA gives feds 3 days to patch actively exploited BeyondTrust flaw
2026-02-16 12:33:11
CISA ordered U.S. government agencies on Friday to secure their BeyondTrust Remote Support instances against an actively exploited vulnerability within three days. [...]
Sommet de l'IA 2026 : comment l'Inde veut tracer sa voie
2026-02-16 12:31:17
Entre course au compute, régulation et IA au service du développement, New Delhi joue veut prouver qu'elle peut tracer une quatrième voie face aux modèles américain, européen et chinois.
The post...
SUSE 15 SP6 Kernel Important Security Update 2026-0548-1 CVE-2025-38111
2026-02-16 12:30:17
An update that solves five vulnerabilities can now be installed.
openSUSE 15 SP6 Kernel Essential Update Notice SUSE-SU-2026-0458-1
2026-02-16 12:30:17
An update that solves five vulnerabilities can now be installed.
SUSE Linux Enterprise 15 SP6 Kernel Important Security Update 2026-0550-1
2026-02-16 12:30:11
An update that solves three vulnerabilities can now be installed.
openSUSE 15.6 Kernel Important Security Fix 2026-0550-1
2026-02-16 12:30:11
An update that solves three vulnerabilities can now be installed.
Microsoft alerts on DNS-based ClickFix variant delivering malware via nslookup
2026-02-16 12:24:39
Microsoft warns of a new ClickFix variant that tricks users into running DNS commands to fetch malware via nslookup. Microsoft has revealed a new ClickFix variant that deceives users into running a malicious...
Voyage Privé confirme un accès non autorisé via un partenaire
2026-02-16 12:22:35
Voyage Privé réagit à l'alerte ZATAZ et évoque un accès non autorisé via un partenaire du 3 au 5 février....
Critical Airleader Vulnerability Exposes Systems to Remote Code Execution Attacks
2026-02-16 12:16:03
A newly disclosed vulnerability in an industrial control system (ICS) monitoring solution has raised concerns across multiple critical infrastructure sectors. Published by CISA under advisory code ICSA-26-043-10,...
Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud
2026-02-16 11:55:00
Presentation of the KTU Consortium Mission ‘A Safe and Inclusive Digital Society' at the Innovation Agency event ‘Innovation Breakfast: How Mission-Oriented Science and Innovation Programmes Will...
Inquiétudes sur la fiabilité de l'IA industrielle
2026-02-16 11:54:02
Les systèmes industriels au coeur des infrastructures critiques des Etats sont-ils en danger ? C’est ce que pense le Gartner qui, dans un (...)
Des milliers de comptes Outlook volés via une extension délaissée
2026-02-16 11:26:16
Conçu pour connecter différents calendriers professionnels et personnels et partager plus facilement ses disponibilités, le module (...)
Comment ServiceNow se construit par croissance externe
2026-02-16 11:23:39
En filigrane de son virage agentique/data fabric, ServiceNow en est à une quizaine d'acquisitions depuis début 2023.
The post Comment ServiceNow se construit par croissance externe appeared first on...
Trapped in a Miser's Mansion: Two Brothers Plot Their Escape
2026-02-16 11:15:06
In a desolate Lincolnshire estate ruled by a miserly father, brothers Ernest and Henry Ivraine live in emotional and financial captivity. While Ernest endures in silence, Henry refuses to wait for inheritance...
Google automatise la révision de code dans Conductor
2026-02-16 11:01:44
Dévoilé en décembre dernier, Conductor AI propose aux développeurs des fonctions de planification et d’exécution (...)
Laurent Martini nommé directeur général EMEA d'Anaplan
2026-02-16 11:00:36
Anaplan confie la direction de sa région Europe, Moyen-Orient et Afrique à Laurent Martini, un vétéran du SaaS fort de 20 ans d'expérience.
The post Laurent Martini nommé directeur général EMEA...
Scaling on Demand: How Serverless Architectures Empower Agile and High-Performing Platforms
2026-02-16 11:00:07
Serverless architecture is a revolution in the way apps are built, implemented, and scaled. It is well integrated into workflows, whereby, to the extent that the development home base is in MacOS, cloud...
New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft
2026-02-16 10:24:00
Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance...
How I Built a Fail-Safe Legal AI Engine for Singapore Laws Using Triple-Model RAG
2026-02-16 10:21:22
Operate under Singaporean laws and policies with a high-precision RAG engine with a triple-AI failover backend (Gemini/Llama/Groq). Constructed using Python and FAISS for semantic search, this open-source...
Google fixes first actively exploited Chrome zero-day of 2026
2026-02-16 10:10:46
Google patched Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw actively exploited in the wild. Google has released urgent security updates to address a high-severity zero-day vulnerability,...
Versa Networks ajoute davantage d'IA à sa plateforme SASE
2026-02-16 10:04:48
La plateforme VersaONE Universal SASE s’étoffe afin de mieux protéger les actifs des entreprises et d'aider ses clients à améliorer (...)
USN-8042-1: FreeRDP vulnerabilities
2026-02-16 10:04:47
It was discovered that FreeRDP incorrectly handled memory under certain
circumstances, which could lead to a NULL pointer dereference. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2026-23948)
It...
Google Ads and Claude AI Abused to Spread MacSync Malware via ClickFix
2026-02-16 09:37:47
Cybersecurity experts at Moonlock Lab have discovered a new ClickFix attack. Hackers are using hijacked Google Ads and fake Claude AI guides to trick Mac users into installing the data-stealing MacSync...
The Hard Truth About Machine Learning for Amazon FBA Sellers
2026-02-16 09:30:36
Amazon FBA demand forecasting breaks because the data is sparse, messy, and constantly shifting. Prophet and vanilla LSTMs often overfit and collapse under seasonality shifts. Real gains come from better...
Japanese sex toys maker Tenga discloses data breach
2026-02-16 08:31:24
Sex toy maker Tenga says a hacker accessed an employee's email account, potentially exposing customer names, emails, and order details. TENGA Co., Ltd. is a Tokyo-based Japanese sexual wellness and...
Stop Guessing Thread Pool Sizes: How to Plug AI into Spring Batch Safely
2026-02-16 08:30:17
Hard coding thread pool sizes in Spring Batch rarely works well in real production systems, where load and conditions constantly change. This article explains how to use executor based concurrency, fix...
Google patches first Chrome zero-day exploited in attacks this year
2026-02-16 08:19:19
Google has released emergency updates to fix a high-severity Chrome vulnerability exploited in zero-day attacks, marking the first such security flaw patched since the start of the year. [...]
A week in security (February 9 – February 15)
2026-02-16 08:02:00
A list of topics we covered in the week of February 9 to February 15 of 2026
USN-8022-2: Expat vulnerabilities
2026-02-16 07:59:27
USN-8022-1 fixed vulnerabilities in Expat. This update provides the
corresponding updates for Ubuntu 24.04 LTS.
Original advisory details:
It was discovered that Expat incorrectly handled the initialization...
USN-8025-2: .NET vulnerability
2026-02-16 07:49:37
USN 8025-1 fixed a vulnerability in .NET. This update provides the
corresponding fix for Ubuntu 24.04 LTS.
Original advisory details:
Kevin Jones discovered that the System.Security.Cryptography.Cose
...
APOIA.se - 450,764 breached accounts
2026-02-16 07:31:43
In December 2025, a database of the Brazilian crowdfunding platform APOIA.se was posted to an online forum. In January 2026, the company confirmed it had suffered a data breach. The incident exposed 451k...
New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released
2026-02-16 06:38:00
Google on Friday released security updates for its Chrome browser to address a security flaw that it said has been exploited in the wild.
The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS...
Canada Goose investigating as hackers leak 600K customer records
2026-02-16 04:45:32
ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told BleepingComputer...
New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS
2026-02-16 00:29:00
Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. [...]
List of 16 new domains
2026-02-16 00:00:00
.fr acces-compte[.fr] (registrar: Edomains LLC)
acpr-banquefrance[.fr] (registrar: IONOS SE)
ar24post[.fr] (registrar: AMEN / Agence des Médias Numériques)
billetterie-ffr[.fr] (registrar: EPAG Domainservices...
Vulnérabilité dans Google Chrome (16 février 2026)
16/02/2026
Une vulnérabilité a été découverte dans Google Chrome. Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur. Google indique que la vulnérabilité CVE-2026-2441...
Multiples vulnérabilités dans les produits Mattermost (16 février 2026)
16/02/2026
De multiples vulnérabilités ont été découvertes dans les produits Mattermost. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.