Toute l'actualité de la Cybersécurité


Phishing attack hides JavaScript using invisible Unicode trick

2025-02-19 20:14:09
A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action...

Lire la suite »

Russian CryptoBytes Hackers Exploiting Windows Machines To Deploy UxCryptor Ransomware

2025-02-19 19:45:25
The Russian cybercriminal group CryptoBytes has intensified its ransomware campaigns using a modified version of the UxCryptor malware, according to new findings from SonicWall’s Capture Labs threat...

Lire la suite »

The Ultralytics Supply Chain Attack: How It Happened, How to Prevent

2025-02-19 19:23:30
Get details on this recent supply chain attack and how to avoid falling victim to similar attacks. 

Lire la suite »

Protected: zQA Content Editing Styles

2025-02-19 19:20:08
There is no excerpt because this is a protected post.

Lire la suite »

Hackers Inject FrigidStealer Malware on Your macOS Via Fake Browser Updates

2025-02-19 19:10:25
A surge in malicious web inject campaigns has introduced FrigidStealer, a new macOS-specific information stealer, deployed via fake browser update prompts. Cybersecurity firm Proofpoint identified two...

Lire la suite »

Beware! New Fake Browser Updates Deploy NetSupport RAT & StealC Malware on Your Windows

2025-02-19 18:26:44
A sophisticated malware campaign attributed to the SmartApeSG threat actor (also tracked as ZPHP/HANEYMANEY) has targeted users through compromised websites since early 2024, deploying NetSupport RAT...

Lire la suite »

BlackLock Emerging As a Major Player In RaaS With Variants for Windows, VMWare ESXi, & Linux Environments

2025-02-19 18:04:41
Since its emergence in March 2024, the BlackLock ransomware operation (aka El Dorado) has executed a meteoric rise through the ransomware-as-a-service (RaaS) ranks, leveraging custom-built malware and...

Lire la suite »

Take Command | Rapid7's 2025 Cybersecurity Summit: First Look at Our Speaker Lineup

2025-02-19 18:00:00
Take Command Summit 2025 takes place on April 9, 2025, as a fully virtual, one-day event. Don't miss the opportunity to hear from industry leaders, engage with Rapid7 experts, and walk away with actionable...

Lire la suite »

New FrigidStealer infostealer infects Macs via fake browser updates

2025-02-19 17:42:39
The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called...

Lire la suite »

Australian fertility services giant Genea hit by security breach

2025-02-19 17:40:32
​Genea, one of Australia's largest fertility services providers, disclosed that unknown attackers breached its network and accessed data stored on compromised systems. [...]

Lire la suite »

Hackers Tricking Users Into Linking Devices to Steal Signal Messages

2025-02-19 17:37:12
Is your Signal, WhatsApp, or Telegram account safe? Google warns of increasing attacks by Russian state-backed groups. Learn…

Lire la suite »

Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for cyber-physical systems protection platforms​​

2025-02-19 17:00:00
We are excited to announce that Gartner has named  Microsoft a Leader in the 2024 Gartner® Magic Quadrant™ for Cyber Physical Systems Protection Platforms. Gartner defines Cyber-physical systems...

Lire la suite »

North Korean Hackers Using Dropbox & PowerShell Scripts To Infiltrate Organizations

2025-02-19 16:39:42
A coordinated cyber espionage campaign, attributed to North Korea's state-sponsored Kimsuky group (APT43), has targeted South Korean businesses, government agencies, and cryptocurrency users since late...

Lire la suite »

Patch Now: CISA Warns of Palo Alto Flaw Exploited in the Wild

2025-02-19 16:39:14
The authentication bypass vulnerability in the OS for the company's firewall devices is under increasing attack and being chained with other bugs, making it imperative for organizations to mitigate the...

Lire la suite »

USN-7277-1: Linux kernel vulnerabilities

2025-02-19 16:34:05
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; ...

Lire la suite »

Falcon Finance And DeXe Protocol Announce Strategic Partnership With M Allocation For Closed Beta

2025-02-19 16:30:11
Falcon Finance announces partnership with DeXe Protocol. DeXE has committed a million allocation to Falcon Finance's closed beta.

Lire la suite »

BingX Unveils New Futures Trading Page, Reinforcing Its Position Among Top 5 Derivatives Platforms

2025-02-19 16:23:45
BingX, a global leading cryptocurrency exchange, has unveiled its new futures trading page. The update comes at a pivotal moment as the platform proudly stands among the world's top five derivatives platforms...

Lire la suite »

AI Can Outsmart You, and Cybercriminals Know It

2025-02-19 16:21:01
The AI revolution has given rise to an arms race in cybersecurity. Novel attack vectors such as model poisoning have emerged. Old attack vectors such as phishing have been supercharged through AI. Organizations...

Lire la suite »

Diffuse And Symbiotic Partner To Introduce Collateral Abstraction In Decentralized Finance

2025-02-19 16:15:17
Diffuse, a zkServerless protocol, has announced a strategic collaboration with Symbiotic to implement Collateral Abstraction. This partnership aims to unlock the untapped potential of assets locked across...

Lire la suite »

Mira Network Launches Klok: A ChatGPT Alternative with Multiple AI Models and Rewards

2025-02-19 16:06:57
Klok is a multi-LLM chat app built on Mira Network's decentralised infrastructure that ensures AI outputs are verified, unbiased and uncompromised. Klok will allow users to participate in multiple AI...

Lire la suite »

Russian Hackers Target Signal Messenger Users to Steal Sensitive Data

2025-02-19 16:05:25
Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals of strategic interest, according to the Google Threat Intelligence Group...

Lire la suite »

The HackerNoon Newsletter: The Stupidest Requests on the Dark Web Come from Regular People (2/19/2025)

2025-02-19 16:04:33
How are you, hacker? 🪐 What's happening in tech today, February 19, 2025? The HackerNoon Newsletter brings the HackerNoon ...

Lire la suite »

Hackers Exploit Jarsigner Tool to Deploy XLoader Malware

2025-02-19 16:01:32
Security researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a new campaign leveraging the legitimate JAR signing tool, jarsigner.exe, to distribute the XLoader malware. The attack...

Lire la suite »

Hackers Converting Stolen Payment Card Data into Apple & Google Wallets

2025-02-19 16:00:50
Cybercriminal groups, primarily based in China, are leveraging advanced phishing techniques and mobile wallet technologies to convert stolen payment card data into fraudulent Apple and Google Wallet accounts....

Lire la suite »

Snake Keylogger Targets Chrome, Edge, and Firefox Users in New Attack Campaign

2025-02-19 15:59:29
A new variant of the Snake Keylogger, also known as 404 Keylogger, has been detected targeting users of popular web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox. FortiGuard Labs...

Lire la suite »

USN-7276-1: Linux kernel vulnerabilities

2025-02-19 15:58:57
Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted,...

Lire la suite »

Russian CryptoBytes Hackers Target Windows Machines with UxCryptor Ransomware

2025-02-19 15:58:48
The SonicWall Capture Labs threat research team has identified continued activity from the Russian cybercriminal group CryptoBytes, which has been active since at least 2023. This financially motivated...

Lire la suite »

North Korean Hackers Leverage Dropbox and PowerShell Scripts to Breach Organizations

2025-02-19 15:57:38
A recent cyberattack campaign, dubbed “DEEP#DRIVE,” has been attributed to the North Korean Advanced Persistent Threat (APT) group, Kimsuky. The operation, targeting South Korean businesses,...

Lire la suite »

BlackLock Ransomware Targets Windows, VMware ESXi, & Linux Environments

2025-02-19 15:55:59
BlackLock ransomware, first identified in March 2024, has rapidly ascended the ranks of the ransomware-as-a-service (RaaS) ecosystem, becoming the seventh most prolific group on data-leak sites by late...

Lire la suite »

Threat Actors Using Infostealer Malware to Compromise US Security

2025-02-19 15:54:01
A recent cybersecurity investigation has unveiled a troubling reality: U.S. military personnel and employees of major defense contractors, including Lockheed Martin, Boeing, and Honeywell, have been compromised...

Lire la suite »

Next Wave of ‘Scam-Yourself' Attacks Leverages AI-Generated Deepfake Videos

2025-02-19 15:53:03
Cybersecurity experts have uncovered a new wave of “Scam-Yourself” attacks that exploit AI-generated deepfake videos and malicious scripts to deceive users into compromising their own systems....

Lire la suite »

Malware-Infected Signal, Line, and Gmail Apps Alter System Defenses

2025-02-19 15:50:22
A recent cybersecurity analysis has uncovered a campaign targeting Chinese-speaking users through malicious installers of popular applications such as Signal, Line, and Gmail. These backdoored executables...

Lire la suite »

Securing multi-environment deployments: Cloud, on-premise, and air-gapped

2025-02-19 15:45:00
Modern software delivery makes use of many different deployment environments, from public cloud to private cloud and traditional on-premise data centers to highly secured air-gapped systems....

Lire la suite »

INE Security's Cybersecurity and IT Training Enhances Career Stability in Tech

2025-02-19 15:01:55
Cary, North Carolina, 19th February 2025, CyberNewsWire

Lire la suite »

Palo Alto Networks tags new firewall bug as exploited in attacks

2025-02-19 15:38:29
Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach devices in...

Lire la suite »

The cyber threat to Universities

2025-02-19 15:23:16
Assessing the cyber security threat to UK Universities

Lire la suite »

Organisational use of Enterprise Connected Devices

2025-02-19 15:11:51
Assessing the cyber security threat to UK organisations using Enterprise Connected Devices.

Lire la suite »

RWPQC 2025 Unites Industry Leaders to Drive Cybersecurity and Quantum Innovation

2025-02-19 15:04:56
SandboxAQ, MITRE, and The Linux Foundation are pleased to present RWPQC Real World Post Quantum Cryptography (RWPQC) 2025, the third annual conference dedicated to advancing cybersecurity in the post-quantum...

Lire la suite »

The Browser Blind Spot: Why Your Browser is the Next Cybersecurity Battleground

2025-02-19 15:02:12
For years, defensive security strategies have focused on three core areas: network, endpoint, and email. Meanwhile, the browser, sits across all of them. This article examines three key areas where attackers...

Lire la suite »

Entity Framework 8 – Partial Classes Tricks You Should Know About

2025-02-19 15:00:04
In EF 8 – Database First approach the generated EF classes cannot be directly extended with additional functionality. To overcome this, we can leverage partial C# classes. This article presents useful...

Lire la suite »

What Is the Board's Role in Cyber-Risk Management in OT Environments?

2025-02-19 15:00:00
By taking several proactive steps, boards can improve their organization's resilience against cyberattacks and protect their critical OT assets.

Lire la suite »

Venture capital firm Insight Partners discloses security breach

2025-02-19 14:45:27
Venture capital firm Insight Partners suffered a cyberattack involving unauthorized access to its information systems. A cyber attack hit venture capital firm Insight Partners, threat actors gained unauthorized...

Lire la suite »

Des pirates russes ciblent les utilisateurs ukrainiens de Signal avec des QR codes QR malveillants

2025-02-19 14:42:36
Dernière découverte du groupe Google Threat Intelligence (Google Cloud Security). L'article complet sur leur blog est ICI. L’étude montre que les acteurs russes exploitent de plus en plus la...

Lire la suite »

Erasing data from donated devices

2025-02-19 14:32:42
How charities can erase personal data from donated laptops, phones and tablets, before passing them on.

Lire la suite »

Palo Alto Warns of Hackers Combining Vulnerabilities to Compromise Firewalls

2025-02-19 14:32:42
Palo Alto Networks has issued urgent warnings as cybersecurity researchers observe threat actors exploiting a combination of vulnerabilities in PAN-OS, the operating system powering its next-generation...

Lire la suite »

Firmware updates on Linux, and using data to influence procurement decisions

2025-02-19 14:31:15
Focused on automating UEFI firmware updates on Windows devices.

Lire la suite »

What exactly should we be logging?

2025-02-19 14:30:18
A structured look at what data to collect for security purposes and when to collect it.

Lire la suite »

An RFC on IoCs – playing our part in international standards

2025-02-19 14:29:22
The NCSC has published a new RFC on Indicators of Compromise to support cyber security in protocol design - and hopes to encourage more cyber defenders to engage with international standards.

Lire la suite »

Cyber Essentials Plus is for charities too!

2025-02-19 14:27:31
Sara Ward, the CEO of Black Country Women's Aid, discusses her organisation's experience of gaining Cyber Essentials Plus certification.

Lire la suite »

New cloud guidance: how to 'lift and shift' successfully

2025-02-19 14:24:38
Henry O discusses the pitfalls of performing a basic ‘lift and shift' cloud migration.

Lire la suite »

Drawing good architecture diagrams

2025-02-19 14:23:01
Some tips on good diagram drafting and pitfalls to avoid when trying to understand a system in order to secure it.

Lire la suite »

So long and thanks for all the bits

2025-02-19 14:19:07
Ian Levy, the NCSC's departing Technical Director, discusses life, the universe, and everything.

Lire la suite »

The future of telecoms in the UK

2025-02-19 14:17:33
NCSC Technical Director Dr Ian Levy explains how the security analysis behind the DCMS supply chain review will ensure the UK's telecoms networks are secure – regardless of the vendors used.

Lire la suite »

Studies in secure system design

2025-02-19 14:16:24
Worked examples for Operational Technology and Virtualised systems, using the NCSC's secure design principles

Lire la suite »

Multiple Vulnerabilities Discovered in NVIDIA CUDA Toolkit

2025-02-19 14:15:32
Unit 42 researchers detail nine vulnerabilities discovered in NVIDIA's CUDA-based toolkit. The affected utilities help analyze cubin (binary) files. The post Multiple Vulnerabilities Discovered in NVIDIA...

Lire la suite »

Ethical Intruders: From Tiger Teams In The 1970's To Today's AI-Powered Security Solutions

2025-02-19 14:02:44
This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Story in Horizon3.ai Sausalito, Calif. – Feb. 19, 2025 Penetration testing has been shaping cybersecurity for decades—long...

Lire la suite »

Malwarebytes introduces native ARM support for Windows devices

2025-02-19 14:00:00
Malwarebytes now protects ARM-based Windows devices, such as Microsoft's Surface Pro X and Lenovo's Yoga laptops.

Lire la suite »

Rapid7 Fills Gaps in the CVE Assessment Process with AI-Generated Vulnerability Scoring in Exposure Command

2025-02-19 14:00:00
To address this widening gap in vulnerability scoring and ensure our customers are making informed decisions with the most accurate understanding of their current risk posture we're excited to announce...

Lire la suite »

Lee Enterprises Ransomware Attack Compromises ‘Critical' Systems

2025-02-19 13:50:34
Lee Enterprises, one of the largest newspaper publishers in the U.S., has confirmed a cybersecurity attack involving adversarial encryption of critical business applications and data exfiltration through...

Lire la suite »

Hackers Turning Stolen Payment Card Data into Apple & Google Wallets

2025-02-19 13:43:53
Recent advances in cybercrime strategies are reviving the carding sector, with threat actors leveraging stolen credit card data to create fraudulent Apple Pay and Google Wallet accounts.  Dubbed...

Lire la suite »

Vous avez un logiciel malveillant : FINALDRAFT se cache dans vos brouillons

2025-02-19 13:41:58
Au cours d’une récente enquête (référence REF7707), Elastic Security Labs a découvert un nouveau logiciel malveillant ciblant un ministère des affaires étrangères d'un pays d'Amérique...

Lire la suite »

Threat Actors Using Infostealer Malware To Breach Critical US Security

2025-02-19 13:41:46
A new class of cyber threats leveraging infostealer malware kits has compromised critical U.S. military, defense contractor, and federal agency systems, exposing vulnerabilities in national security...

Lire la suite »

Google now allows digital fingerprinting of its users

2025-02-19 13:40:25
Google is allowing its advertizing customers to fingerprint website visitors. Can you stop it?

Lire la suite »

RYT Layer-1 Blockchain Promises Real-World Solutions with Innovative Proof Mechanism

2025-02-19 13:30:12
Layer-1 blockchains form the foundational layer upon which all other decentralized applications and protocols are built. RYT has unveiled its alternate layer-1 blockchain, a platform built on its patented...

Lire la suite »

Oracle9: ELSA-2025-1329: doxygen security Moderate Security Advisory Updates

2025-02-19 13:14:01
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle9: ELSA-2025-0936: mingw-glib2 Moderate Security Advisory Updates

2025-02-19 13:14:00
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle9: ELSA-2025-20114: NetworkManager Critical Security Advisory Updates

2025-02-19 13:13:56
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle8: ELSA-2025-1517: libxml2 security Moderate Security Advisory Updates

2025-02-19 13:13:48
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle8: ELSA-2025-20113: NetworkManager Critical Security Advisory Updates

2025-02-19 13:13:46
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

How Blockchain Games Ensure Transparency and Fairness

2025-02-19 13:10:51
The advancement of technology has also impacted sectors like gaming. Blockchain technology has surfaced as an asset that…

Lire la suite »

Elon Musk n'est pas employé du DOGE selon la Maison Blanche

2025-02-19 13:08:54
Les tentatives de remise en cause du pouvoir d'Elon Musk et de son équipe du DOGE (department of governement efficiency) quant à la fermeture (...)

Lire la suite »

Cybersecurity Talent Crisis: Future Defenders Rise to the Challenge in CTF Showdown

2025-02-19 13:03:27
The UK is facing a cybersecurity talent crisis, with nearly half (44%) of businesses struggling to find professionals equipped to combat the evolving cyber threat landscape, according to the UK Government’s...

Lire la suite »

Macs targeted by infostealers in new era of cyberthreats

2025-02-19 12:51:51
Info stealers are thriving on Mac, with one specific variant accounting for 70% of all info stealer detections at the end of 2024.

Lire la suite »

Product Managers Where They Shouldn't Be: Music Industry Edition

2025-02-19 12:43:08
Product management is the understated powerhouse driving artists to success. Product managers help artists identify and develop a brand, setting the stage for the next chapter.

Lire la suite »

Struggling With DolphinScheduler Setup? This FAQ Can Help

2025-02-19 12:38:41
Struggling with #DolphinScheduler setup? Our latest FAQ covers environment configuration, service startup issues & common errors like database connections & Zookeeper conflicts! 🐬 ✅ Step-by-step...

Lire la suite »

Geospatial Data Holds Immense Value for the Pacific Islands

2025-02-19 12:33:38
The time has come for Pacific Islanders to recognize the treasure we hold in our digital mapping data.

Lire la suite »

10 Best LMS SaaS Platforms for Scalable Online Learning

2025-02-19 12:33:22
The education sector is changing quickly as it adopts digital tools for better learning experiences. These days, learning…

Lire la suite »

SUSE: 2025:0589-1 important: emacs Security Advisory Updates

2025-02-19 12:30:14
* bsc#1237091 Cross-References: * CVE-2025-1244

Lire la suite »

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

2025-02-19 12:10:24
Two OpenSSH vulnerabilities could allow machine-in-the-middle (MitM) and denial-of-service (DoS) attacks under certain conditions. The Qualys Threat Research Unit (TRU) has discovered two vulnerabilities...

Lire la suite »

Russian phishing campaigns exploit Signal's device-linking feature

2025-02-19 11:59:51
Russian threat actors have been launching phishing campaigns that exploit the legitimate "Linked Devices" feature in the Signal messaging app to gain unauthorized access to accounts of interest. [...]

Lire la suite »

Pangea Founder & CEO, Oliver Friedrichs, Answers 10 Questions for Every Startup Founder

2025-02-19 11:51:26
Founded in 2021 by cybersecurity veterans, Pangea provides AI security guardrails that protect organizations from generative AI threats, offering solutions like AI Guard and Prompt Guard to prevent data...

Lire la suite »

xAI annonce Grok 3

2025-02-19 11:18:17
La start-up d'Elon Musk, xAI, a présenté Grok 3, la dernière version de son grand modèle de langage, que le dirigeant décrit (...)

Lire la suite »

Xerox Versalink Printers Vulnerabilities Could Let Hackers Steal Credentials

2025-02-19 11:17:57
Xerox Versalink printers are vulnerable to pass-back attacks. Rapid7 discovers LDAP & SMB flaws (CVE-2024-12510 & CVE-2024-12511). Update…

Lire la suite »

Kaspersky rapporte près de 900 millions de tentatives de phishing en 2024, dans un contexte de multiplication des cybermenaces

2025-02-19 10:47:11
Les solutions de sécurité de Kaspersky ont bloqué plus de 893 millions de tentatives de phishing en 2024, soit une augmentation de 26 % par rapport à 2023, où le total s’élevait à près de...

Lire la suite »

DORA : un nouveau défi pour le secteur financier

2025-02-19 10:35:09
Depuis le 17 janvier, les institutions financières doivent se conformer à la loi DORA, qui impose des normes strictes de cybersécurité à 20 types d'entités, dont les banques et les assurances....

Lire la suite »

Spam and phishing in 2024

2025-02-19 10:00:31
We analyze 2024's key spam and phishing statistics and trends: the hunt for crypto wallets, Hamster Kombat, online promotions via neural networks, fake vacation schedules, and more.

Lire la suite »

Rapport : les malwares ciblant les endpoints, principalement via des services web légitimes et des documents, sont en hausse de 300%

2025-02-19 09:08:29
Le Threat Lab WatchGuard a également observé une résurgence des malwares de cryptomining, une augmentation des attaques basées sur des signatures et par ingénierie sociale, ainsi qu’une augmentation...

Lire la suite »

2025 s'annonce compliquée pour les DPO

2025-02-19 09:04:46
Chaque trimestre, l’association française des correspondants à la protection des données personnelles (AFCDP) interroge ses (...)

Lire la suite »

U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog

2025-02-19 06:24:17
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure...

Lire la suite »

Identify the AWS Account ID from a Public S3 Bucket

2025-02-19 05:15:15
Picture By Leonardo AI | AWSScenarioThe ability to expose and leverage even the smallest oversights is a coveted skill. A global Logistics Company has reached out to our cybersecurity company for assistance...

Lire la suite »

OTP Login Rate Limit Bypass — The Easiest Bug for Beginners to Discover

2025-02-19 05:14:57
“This story was originally published on my previous Medium account, which was unfortunately deleted. The original post garnered…Continue reading on InfoSec Write-ups »

Lire la suite »

How I Earned a Hall of Fame Spot at UNESCO by Bypassing 403 Forbidden

2025-02-19 05:11:19
Hello, amazing people and bug bounty hunters! 👋Continue reading on InfoSec Write-ups »

Lire la suite »

Unverified Email Change Flaw on Apps.Target.com: A Sneaky Account Takeover Trick

2025-02-19 05:09:38
READ IT FOR FREEContinue reading on InfoSec Write-ups »

Lire la suite »

Ever Found a Valid Bug/Leaks in JavaScript Files in Bug Bounties?

2025-02-19 05:08:33
Common Mistakes and Practical Techniques to Tackle them to Find Valid Bugs/Leaks in JS FilesContinue reading on InfoSec Write-ups »

Lire la suite »

Retro

2025-02-19 05:05:49
Retro | VulnLabAnd here we go again! It's Maverick, back with another VulnLab machine — this time diving into AD CS, specifically ESC1.Now, if you don't know what AD CS is… well, where have...

Lire la suite »

I Hacked FIDE.com — Call me Hacknus Carlsen!

2025-02-19 05:05:16
As a chess player, I have faced all kinds of pain — blundering my queen, losing to a 900-rated player, and watching my online chess rating…Continue reading on InfoSec Write-ups...

Lire la suite »

Free VPS for penetration testing and bug bounty part 2

2025-02-19 05:00:51
🚨👉 Free Link: click here 👈🚨Continue reading on InfoSec Write-ups »

Lire la suite »

North Korea's Kimsuky Taps Trusted Platforms to Attack South Korea

2025-02-19 02:00:00
The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.

Lire la suite »

List of 10 new domains

2025-02-19 00:00:00
.fr anekkefrance[.fr] (registrar: PDR Ltd. d/b/a PublicDomainRegistry.com) drmartensparis[.fr] (registrar: GRANSY s.r.o.) infoguv-amandess[.fr] (registrar: InterNetX GmbH) mondialreiay[.fr] (registrar:...

Lire la suite »

Vulnérabilité dans Mozilla Firefox (19 février 2025)

19/02/2025
Une vulnérabilité a été découverte dans les produits Mozilla. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Lire la suite »

Vulnérabilité dans Joomla! (19 février 2025)

19/02/2025
Une vulnérabilité a été découverte dans Joomla!. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Lire la suite »

Multiples vulnérabilités dans les produits Citrix (19 février 2025)

19/02/2025
De multiples vulnérabilités ont été découvertes dans les produits Citrix. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité...

Lire la suite »

Multiples vulnérabilités dans Google Chrome (19 février 2025)

19/02/2025
De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Lire la suite »

Multiples vulnérabilités dans les produits Atlassian (19 février 2025)

19/02/2025
De multiples vulnérabilités ont été découvertes dans les produits Atlassian. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à...

Lire la suite »