Toute l'actualité de la Cybersécurité
AWS adapte Opensearch serverless à l'IA agentique
2026-05-29 15:29:39
La montée en puissance des agents IA oblige les éditeurs et les fournisseurs de cloud à revoir l’architecture de leurs offres. (...)
Malicious NuGet Package as Sicoob SDK Exfiltrates Banking Passwords
2026-05-29 14:37:23
A newly discovered malicious NuGet package masquerading as an official Sicoob software development kit (SDK) has been caught exfiltrating highly sensitive banking credentials, raising serious concerns...
From Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
2026-05-29 14:32:02
DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS-as-a-Service market has evolved from scattered...
Dutch govt disrupts malware botnet with 17 million infected devices
2026-05-29 14:26:36
Dutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation. [...]
Typosquatted npm Packages Steal Cloud and CI/CD Secrets From Developer Systems
2026-05-29 14:23:05
A new wave of malicious software packages has been caught stealing cloud credentials and CI/CD pipeline secrets from developer machines, raising fresh alarms about the security of the open-source software...
La Coupe du Monde de football déjà remportée par les pirates Chinois ?
2026-05-29 14:21:30
Faux sites FIFA, billets 2026 et phishing : les supporters visés par une fraude massive.
New ChatGPT Vulnerability Lets Attackers Turn Web Pages Into Phishing Payloads
2026-05-29 14:18:09
A browser-based prompt injection technique that transforms any web page into a phishing delivery surface by exploiting ChatGPT’s page summarization feature, rendering attacker-controlled links,...
Hackers Use Fake Video Player Updates to Deploy Miner and RAT Malware
2026-05-29 14:07:45
Hackers are using a clever trick to get people to install dangerous malware, and most victims have no idea it is happening. By visiting pirated movie and TV show streaming sites, users are met with a...
Snowflake renforce la sécurité des agents IA en rachetant Natoma
2026-05-29 13:41:03
Snowflake a annoncé l’acquisition de la start-up californienne Natoma pour renforcer la gouvernance, la sécurité et la (...)
Un prédateur numérique condamné à 33 ans
2026-05-29 13:37:34
Un prédateur condamné à 33 ans de prison pour chantage sexuel contre plus de 145 enfants en ligne.
Anthropic lève 65 milliards et dépasse OpenAI en valorisation
2026-05-29 13:31:58
Anthropic franchit un cap historique avec une valorisation de 965 milliards $, portée par une croissance commerciale sans précédent.
The post Anthropic lève 65 milliards et dépasse OpenAI en valorisation...
YouTube cible-t-il les VPN sur ses contenus sous licence ?
2026-05-29 13:27:58
YouTube renforce-t-il ses contrôles VPN sur les vidéos géo-restreintes, surtout sportives et sous licence ?
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
2026-05-29 13:00:01
Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service.
Telegram et DeepSeek bousculés en Russie
2026-05-29 12:59:49
Telegram, VPN et DeepSeek subissent des perturbations, entre filtrage présumé et risques cyber.
Chris Lamprecht: The First Person In History To Be Legally Banned From The Internet
2026-05-29 12:40:01
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – May. 28, 2026 – Listen to the podcast A 1997 WIRED story reported on Chris Lamprecht, the first person to...
Google Chrome adds session cookie theft protection for all users
2026-05-29 12:08:08
Google says the Chrome Device Bound Session Credentials (DBSC) security feature is now generally available and is rolling out to all users to prevent account takeovers. [...]
Signal users targeted in backup-stealing phishing attacks
2026-05-29 12:07:24
Cybercriminals are impersonating Signal Support to steal backup recovery keys, giving them access to victims' entire message archives.
'The Com' Cyberattacks Support Violence & Sexploitation
2026-05-29 12:00:00
Your organization's security failures have consequences for everyone else too, since this neo-Nazi-infested criminal gang uses its cyber winnings to support more violent and widespread crimes.
Avec le projet Lightwell, IBM et Red Hat gèrent les patchs des logiciels open source
2026-05-29 11:32:25
En début de semaine Anthropic a dressé un premier bilan du projet Glasswing reposant sur le modèle Mythos. Il revendiqué la (...)
New Russian-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
2026-05-29 11:31:59
A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025.
GREYVIBE, per WithSecure,...
Hackers Use Fake Adobe Document Cloud Pages to Deliver ScreenConnect Malware
2026-05-29 11:28:59
A sophisticated phishing campaign is actively targeting financial organizations by using fake Adobe Document Cloud pages to silently install ScreenConnect remote access malware on victim machines. The...
Legitimate-Looking Codex Remote UI Steals OpenAI Codex Authentication Tokens
2026-05-29 11:27:24
A polished, fully functional npm package has been caught secretly stealing OpenAI Codex authentication tokens from developers who trusted it. The package, named codexui-android, presented itself as a...
Oracle Critical Security Update – Patch for 35 New Vulnerabilities Across Products
2026-05-29 11:23:53
Oracle has rolled out its first Critical Security Patch Update (CSPU), delivering 35 new security fixes for serious vulnerabilities across several major product lines, including Oracle Database, Oracle...
DIL Observatory: when the World Escalates, the Underground Responds
2026-05-29 11:20:31
Digital Intelligence Lab (DIL) launches an observatory for reading cyber events as what they actually are: signals of a broader social and geopolitical reality. The timing rarely lies, and the connection...
Acumen Cyber and AttackIQ Partner to Strengthen Cyber Defense Validation
2026-05-29 11:11:39
Acumen Cyber has announced a strategic partnership with AttackIQ to help organizations continuously validate their cyber defenses against real-world threats and reduce exposure to modern attacks. The...
Man sent to prison for selling data of 7 millions elderly Americans
2026-05-29 11:07:07
A North Carolina man was sentenced to more than 10 years in prison for selling the personal information of over 7 million elderly Americans to Jamaican scammers. [...]
Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.
2026-05-29 10:51:26
A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild. Microsoft is angry. The researcher says Microsoft ignored them first. Over the past month, a researcher going...
USN-8338-2: Apache HTTP Server regression
2026-05-29 10:47:55
USN-8338-1 fixed vulnerabilities in Apache HTTP Server. The update
introduced a regression that prevented mod_http2 from loading on Ubuntu
18.04 LTS. This update fixes the problem.
We apologize for the...
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
2026-05-29 10:30:00
Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into production systems, and publishing...
Mondial 2026 : alerte sur la gigantesque « surface d'attaque »
2026-05-29 10:19:55
La Coupe du Monde 2026 va devoir éprouver la résilience d'une architecture informatique temporaire, hautement distribuée et soumise à une pression cyber maximale.
The post Mondial 2026 : alerte sur...
Google corrige 151 failles de Chrome, dont 22 vulnérabilités critiques
2026-05-29 10:12:43
Google a publié une série de mises à jour majeures pour son navigateur Chrome en mai 2026. L'éditeur a colmaté pas moins de 151 failles de sécurité, dont 22 qualifiées de critiques par les équipes...
US charges Google security engineer with Polymarket insider trading
2026-05-29 10:11:44
A Google security engineer was charged with insider trading after winning .2 million using confidential company data to place bets on the cryptocurrency-based Polymarket decentralized prediction market....
The Deliverability Problem: How New Platforms Are Solving Inbox Placement
2026-05-29 09:53:36
Email still reaches more people than any other digital channel. Getting it to actually land in the inbox…
Pourquoi Mistral AI construit son propre datacenter d'inférence ?
2026-05-29 09:27:16
Opérationnel dès cet été, le site de 10 MW s'appuie sur les infrastructures de Digital Realty, les GPU NVIDIA GB300 et la plateforme de données de VAST Data.
The post Pourquoi Mistral AI construit...
A ,000 Bug. One JSON Field. Every Account on the Platform.
2026-05-29 09:19:27
One intercepted request. One parameter swap. Full access to any account on the platform.I was testing a shopping platform for authentication vulnerabilities.Standard scope. Phone number login, OTP over...
Hacking JSON Web Tokens: How Attackers Exploit API Authentication
2026-05-29 09:15:40
JWTs are trusted by millions of APIs worldwide: yet one small misconfiguration can turn a security feature into an attacker's gatewayWhat You'll LearnIn this blog, you will learn what JWT vulnerabilities...
Cybersploit 1 Walkthrough — OffSec | Beginner Guide & Screenshots
2026-05-29 09:15:21
Cybersploit 1 Walkthrough — OffSec | Beginner Guide & ScreenshotsI'm a professional penetration tester with hands-on red-team experience and OSCP-style practice. I treat every engagement — even...
Advanced Client Side Injection Secrets Leads To (SSRF , Prev Esc)
2026-05-29 09:15:10
Client-Side Injection(Advanced): How Small Bugs Lead To Big Bounties(SSRF , Prev Esc , KeyLogger , 30XSS)الحمد لله والصلاة والسلام على رسول الله وعلى آله وصحبه...
How We Bypassed an Axios Security Patch (CVE-2026–42043): The 16-Million IP Loophole
2026-05-29 09:14:46
When a patch for a critical vulnerability drops in a library downloaded over 500 million times a week, you expect it to be bulletproof. Developers quickly update their package.json, deploy to production,...
Android Lock Screen Bypass via Google Gemini — The Patch That Wasn't (Status: Not Fixed)
2026-05-29 09:12:39
TL;DR: On a fully patched Pixel 6a running Android 16, an attacker with physical access can escape the lock screen in under 60 seconds using Google Gemini's Deep Research feature — no PIN, no...
Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets
2026-05-29 09:11:25
Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon client...
Une faille dans le framework Starlette touche plusieurs outils IA
2026-05-29 08:55:33
Selon des experts de la société X4 D-Sec, un seul caractère mal formé dans une requête web peut suffire pour qu’un (...)
Plus nombreux, les incidents IT coûtent cher aux entreprises
2026-05-29 08:54:56
Des pertes financières immédiates jusqu'aux conséquences réputationnelles et boursières, les temps d'arrêt sur (...)
MicrosoftSystem64 Malware Uses HuggingFace Datasets for Stealthy Data Exfiltration
2026-05-29 08:54:28
A newly discovered malware called MicrosoftSystem64 has been quietly stealing data from infected computers by routing stolen files through HuggingFace, the popular AI platform used by researchers and...
Fortinet érige des pare-feux contre les dérives de l'IA
2026-05-29 08:46:22
Fortinet renforce sa gamme de firewalls FortiGate avec les modèles 3500G et 400G, particulièrement adaptés à la protection (...)
Cease, Desist, and Pay Up: How Copyright Trolls Turned Legal Threats Into a Business Model
2026-05-29 08:44:50
Getting a 0 copyright demand for a stock photo of pasta? It's not rights protection. It's industrialized legal intimidation, and it's worth fighting back.
Charter Communications data breach affects 4.9 million accounts
2026-05-29 08:29:40
The ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data breach notification service...
BTMOB RAT Gives Criminals a Point-and-Click Kit to Take Over Your Android Phone
2026-05-29 08:22:04
BTMOB sells Android full-device takeover as a kit, no coding needed. It steals data, records screens, and hands attackers remote control for ,000 lifetime. Most Android malware requires at least some...
Summer Street
2026-05-29 08:00:26
After moving into Cissie Villa, the Emersons reconnect with the Honeychurch circle. Freddy, George, and Mr. Beebe escape social conventions during a wild bathing trip in a woodland pond, symbolizing freedom,...
Claude Mythos : Anthropic va ouvrir les vannes de l'IA qui débusque les failles de sécurité
2026-05-29 07:34:22
Après plusieurs semaines d'accès restreint, Anthropic va ouvrir les portes de Claude Mythos à tous ses clients. Ce modèle d'IA a déjà permis de débusquer plus de 10 000 failles de sécurité. Les...
What's in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant
2026-05-29 07:00:51
What are the main risks for container environments: vulnerabilities, supply chain attacks, configuration errors; how to improve container security and how Kaspersky Container Security with the KIRA AI...
Schumann Protocol
2026-05-29 07:00:43
The Emersons officially move into Cissie Villa, forcing Lucy to confront the secret she still hides about George Emerson. Charlotte Bartlett warns her to confess the past to Cecil, but Lucy refuses, allowing...
Malicious RVTools Installer Abuses Sectigo Certificate to Bypass SmartScreen Warnings
2026-05-29 06:39:30
A trusted tool for VMware administrators has been weaponized. Attackers built a fake version of RVTools, a widely used utility for managing virtual infrastructure, and disguised it with a real digital...
Critical Samba Vulnerability Enables Remote Code Execution Attacks
2026-05-29 06:33:03
A critical vulnerability in the Samba printing subsystem, tracked as CVE-2026-4480, has been disclosed, allowing unauthenticated attackers to achieve remote code execution (RCE) on affected systems. The...
Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
2026-05-29 05:57:41
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through...
Typosquatted npm packages used to steal cloud and CI/CD secrets
2026-05-29 03:04:52
The Mini Shai-Hulud campaign used malicious npm packages to target cloud and CI/CD credentials across developer environments. This report details the attack chain, detection opportunities, and mitigation...
The Trick Behind the AI Magic: Explain AI to Your Manager in Plain English
2026-05-29 02:20:37
TL;DR: A 30-Second Coffee Chat AI Explainer
- Not a magic mind, still amazing: This is a plain-English way to explain AI and LLMs to almost anybody. AI is a powerful text predictor that generates answers...
308 Blog Posts To Learn About Founder Stories
2026-05-29 02:00:32
Let's learn about Founder Stories via these 308 free blog posts. They are ordered by HackerNoon reader engagement data. Visit the Learn Repo or LearnRepo.com to find the most read blog posts about any...
The Crypto Reviewer Earns a 39 Proof of Usefulness Score by Building a Social-Driven Cryptocurrency Ranking Platform
2026-05-29 01:59:59
TheCryptoReviewer ranks crypto coins by real community activity instead of market cap, using age-based tiers so every project has a fair path to #1. It's a social network where crypto communities drive...
The Next Battle in AI Music Is Not Generation — It's Distribution
2026-05-29 01:52:37
AI music platforms have largely solved generation quality, but distribution is becoming the industry's next major challenge. As AI-generated music floods streaming platforms, recommendation systems, creator...
Your Graph Database Treats Edges Like Dumb Pointers. Here's What You're Missing.
2026-05-29 01:51:09
In most graph models edges can only be traversed, not queried, so filtering on edge attributes forces a full scan of thousands of relationships—taking seconds. By treating edges as indexed table rows...
How to Make Docker Builds Smaller and Faster
2026-05-29 01:49:49
Learn practical Dockerfile changes that reduce image size, speed up rebuilds, and improve developer workflows for Python services.
How AI Helps QA Teams Think Beyond Happy Paths
2026-05-29 01:48:02
AI generates test cases fast and vast. Quality engineers make them precise and defensible. The future of QA is knowing the difference — and knowing how to close the gap.
ReaderGo Earns a 38.36 Proof of Usefulness Score by Building an Extensible Multi-View Thinking Tool
2026-05-29 01:46:54
ReaderGo is a unified thinking tool designed to bridge the gap between note-taking, visual canvases, and structured spreadsheets within a single, flexible ecosystem.
How AI Coding Tools Can 10x Developer Productivity — Without Losing Engineering Judgment
2026-05-29 01:45:51
AI coding tools are no longer just autocomplete helpers. They can analyze requirements, inspect codebases, create design documents, generate implementation plans, write tests, review code, and help debug...
Anthropic confirms Claude Mythos-class models will roll out to the public
2026-05-29 00:21:03
Anthropic has confirmed that it plans to bring Mythos-class models to the general public after delaying the rollout due to security risks to public and private software. [...]
Multiples vulnérabilités dans Centreon Web (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans Centreon Web. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique...
Multiples vulnérabilités dans les produits Mattermost (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans les produits Mattermost. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans Elastic Kibana (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans Elastic Kibana. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance...
Multiples vulnérabilités dans Oracle Database Server (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans Oracle Database Server. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à...
Multiples vulnérabilités dans le noyau Linux d'Ubuntu (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à...
Multiples vulnérabilités dans le noyau Linux de SUSE (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité...
Multiples vulnérabilités dans le noyau Linux de Red Hat (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la...
Multiples vulnérabilités dans le noyau Linux de Debian (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité...
Multiples vulnérabilités dans les produits IBM (29 mai 2026)
29/05/2026
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation...