Toute l'actualité de la Cybersécurité


USN-8492-1: Linux kernel vulnerabilities

2026-07-01 16:57:11
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; ...

Lire la suite »

Webinar: Why traditional email security is no longer enough

2026-07-01 16:54:22
Modern phishing, business email compromise, and account takeover attacks increasingly exploit trusted identities and legitimate business workflows, making them harder for traditional email defenses to...

Lire la suite »

Fake “Google Notes” Browser Extension Caught Swapping Crypto Wallet Addresses

2026-07-01 16:51:19
McAfee says a Google Notes browser extension is replacing copied crypto payment details, putting wallet transfers at risk for Chrome, Brave, and Microsoft Edge users.

Lire la suite »

Pour 3 Md$, Schneider Electric absorbe Cognite, un concurrent sur l'IA industrielle

2026-07-01 16:47:50
D'origine norvégienne, Cognite a développé une plate-forme DataOps industrielle qu'il a progressivement assortie d'une couche agentique. The post Pour 3 Md$, Schneider Electric absorbe Cognite, un...

Lire la suite »

Hackers target Microsoft 365 accounts with 81 million login attempts

2026-07-01 16:38:01
An aggressive password-spraying campaign targeting Microsoft 365 environments generated more than 81 million login attempts over a two-week period. [...]

Lire la suite »

Indian Govt Halts Meta's WhatsApp Usernames Rollout Over Fraud Concerns

2026-07-01 16:33:37
The Indian government has issued a formal notice to WhatsApp LLC (Meta), directing the platform to justify why regulatory action should not be taken against its newly announced “usernames”...

Lire la suite »

USN-8488-1: Linux kernel vulnerabilities

2026-07-01 16:07:35
It was discovered that some AMD processors did not properly clear data in the floating point divider unit during speculative execution. A local attacker could use this to expose sensitive information....

Lire la suite »

Microsoft named a leader in the Frost Radar for cloud and application runtime security

2026-07-01 16:00:00
Frost & Sullivan names Microsoft a leader as cloud and application security converge into unified, runtime risk reduction. The post Microsoft named a leader in the Frost Radar for cloud and application...

Lire la suite »

Critical Cursor IDE RCE Vulnerabilities Enable Prompt Injection in Zero-Click

2026-07-01 15:59:45
Two critical remote code execution (RCE) vulnerabilities in Cursor IDE, the AI-powered development environment used by more than half of Fortune 500 companies. Cato AI Labs has disclosed two flaws, dubbed...

Lire la suite »

6 security settings every GitHub maintainer should enable this week

2026-07-01 15:59:29
These six free settings will not make your project unhackable. Nothing will. What they will do is close the easy doors. Turn these on, and your project will be meaningfully harder to attack than it was...

Lire la suite »

Turning Indicators into Intelligence in OpenCTI with Criminal IP

2026-07-01 14:00:18
Torrance, California, USA, 1st July 2026, CyberNewswire

Lire la suite »

USN-8491-1: Linux kernel (OEM) vulnerabilities

2026-07-01 15:28:09
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; ...

Lire la suite »

Ousaban Banking Trojan Targets Iberian Bank Users with Fake PDF Lures

2026-07-01 15:26:55
A Brazilian banking trojan called Ousaban is going after Windows users who bank in Spain and Portugal. Fortinet's FortiGuard Labs identified the campaign in May 2026. It opens with a phishing...

Lire la suite »

5 Myths About AI in the SOC Security Teams Need to Rethink

2026-07-01 15:26:27
AI is now part of almost every conversation in security operations. Most teams are already investing in it, experimenting with it, or trying to understand where it fits. The challenge is not whether to...

Lire la suite »

Adobe Patches 7 CVSS 10.0 Flaws in ColdFusion and Campaign Classic

2026-07-01 15:25:46
Adobe has released patches for multiple maximum-severity security flaws impacting Adobe ColdFusion and Adobe Campaign Classic. The ColdFusion updates "resolves critical and important vulnerabilities that...

Lire la suite »

Avec Claude Sonnet 5, Anthropic muscle son modèle médian pour le code et la sécurité

2026-07-01 15:22:32
Anthropic continue d’exécuter sa stratégie de gamme avec le lancement de Claude Sonnet 5, dans la famille modèle (...)

Lire la suite »

USN-8490-1: Linux kernel vulnerabilities

2026-07-01 15:19:04
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; ...

Lire la suite »

'Phantom Squatting': An Emerging AI-Driven Supply Chain Threat

2026-07-01 15:17:14
LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector.

Lire la suite »

Massive Password Stealing Attack Targeting Microsoft 365 Users With 81 Million Login Attempts

2026-07-01 15:11:40
A large-scale automated password spray campaign is actively abusing Microsoft's Azure Command-Line Interface (CLI) and legacy OAuth flows to compromise Entra ID accounts, despite organizations having...

Lire la suite »

« Ghost Sender » dans Exchange Online : 5 conseils pour les administrateurs IT

2026-07-01 15:06:45
Le phénomène « Ghost Sender » met actuellement en lumière certaines failles de sécurité liées à Exchange Online et Microsoft 365. Tribune par Sören Schulte, expert en sécurité des e-mails chez Retarus....

Lire la suite »

Yes, Websites Can Detect Your VPN. Here's How

2026-07-01 14:57:37
VPNs hide your IP address and encrypt your traffic, but they don't make you invisible. This guide explains how websites detect VPN users through IP reputation databases, browser fingerprints, DNS, IPv6,...

Lire la suite »

The Business Cost of Alert Fatigue: How to Reduce Delays, Escalations for Your SOC as 70% Alerts are Uninvestigated

2026-07-01 14:54:48
Alert fatigue is no longer just an analyst problem. It has become a business problem.  Every unnecessary investigation, delayed escalation, or manual validation consumes valuable SOC resources and...

Lire la suite »

USN-8489-1: Linux kernel (OEM) vulnerabilities

2026-07-01 14:46:32
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem...

Lire la suite »

How to Connect AI Agents to Live Web Data With Bright Data's MCP Server

2026-07-01 14:44:09
Your AI agent doesn't have a reasoning problem: it has a vision problem. Without access to live web data, even the smartest model is a well-dressed historian. But the fix isn't a better model: it's a...

Lire la suite »

Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

2026-07-01 14:42:54
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall for...

Lire la suite »

Gestion du SaaS : l'Europe est devenue un point focal

2026-07-01 14:39:05
Les réglementations et la géopolitique aidant, les fournisseurs de solutions autonomes de gestion du SaaS adaptent leur GTM à l'Europe. The post Gestion du SaaS : l’Europe est devenue un point...

Lire la suite »

Fake Interpol Investigation Emails Push Ransomware at Small Businesses Globally

2026-07-01 14:21:58
Fake Interpol investigation emails are targeting small businesses with Proton Drive links that deliver ransomware, encrypt files, and route victims to Tox chat.

Lire la suite »

openSUSE: 2026:21179-1 : lrzip

2026-07-01 14:08:55
An update that solves 3 vulnerabilities and has 3 bug fixes can now be installed.

Lire la suite »

openSUSE: 2026:21176-1 : python-pytest-html

2026-07-01 14:08:54
An update that solves 2 vulnerabilities and has 2 bug fixes can now be installed.

Lire la suite »

openSUSE: 2026:21175-1 : python-zeroconf

2026-07-01 14:08:54
An update that solves 5 vulnerabilities and has 5 bug fixes can now be installed.

Lire la suite »

Apple ‘Hide My Email' Vulnerability Exposes Users' Real Email Addresses

2026-07-01 14:08:39
Apple's “Hide My Email” feature is currently affected by an unpatched vulnerability that allows attackers to discover the real email address behind an anonymized alias, according to researcher Tyler...

Lire la suite »

How to Play KPR's New Eden Dreams

2026-07-01 14:08:18
This beginner's guide explains every major system in New Eden Dreams, including parts collection, crafting, drone orders, XP progression, Pamp's Portal, leaderboards, Keycards, multipliers, and team play....

Lire la suite »

The TechBeat: Why Data Sovereignty is the Key to Personalized Medicine (7/1/2026)

2026-07-01 14:01:15
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

Lire la suite »

75 Blog Posts To Learn About Penetration Testing

2026-07-01 14:01:06
Let's learn about Penetration Testing via these 75 free blog posts. They are ordered by HackerNoon reader engagement data. Visit the Learn Repo or LearnRepo.com to find the most read blog posts about...

Lire la suite »

Vulnerability Prioritization Is Missing the AI-Era Point

2026-07-01 14:00:03
Modern software development relies heavily on third-party open source components, which are now being utilized at a staggering scale. This scale has led to real innovation around the world as...

Lire la suite »

Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

2026-07-01 13:56:18
A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire's Threat Response Unit (TRU). The Canadian...

Lire la suite »

Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs

2026-07-01 13:55:54
81 Million Login Attempts, 78 Compromised Accounts: The LSHIY Password Spray Hitting Azure CLI Huntress researchers have been tracking a massive automated password spray campaign against Microsoft Azure...

Lire la suite »

Azure CLI Password Spraying: Why Cloud Identity Is Now Linux Security

2026-07-01 13:54:20
Over the span of just 14 days, threat actors unleashed more than 81 million login attempts against Microsoft's Azure command-line interface (CLI). The campaign, which security researchers at Huntress...

Lire la suite »

Mitigating Attacks Before They Impact Infrastructure: Link11 provides next generation network DDoS protection

2026-07-01 12:00:07
Frankfurt am Main, Deutschland, 1st July 2026, CyberNewswire

Lire la suite »

Black Hat USA 2026 For CISOs And Security Leaders

2026-07-01 13:15:57
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jul. 1, 2026 – Watch the YouTube video “Black Hat USA 2026 is where CISOs come to gain the intelligence...

Lire la suite »

Multiple Fluentd Vulnerabilities Let Attackers Execution Arbitrary Code Remotely

2026-07-01 13:07:26
Several high-severity flaws in the widely used Fluentd log collector could lead to remote code execution (RCE), data leaks, and denial-of-service attacks across multiple components. The most critical...

Lire la suite »

Safe Events Start With Threat Intel and Digital Security

2026-07-01 13:00:00
Planning ahead to defend against cyber threats is the work that keeps events uneventful.

Lire la suite »

AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android

2026-07-01 12:59:19
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability"...

Lire la suite »

A Weaponized Google Ad Install Malicious Claude Code to Hijack Entire macOS

2026-07-01 12:55:08
A sponsored Google ad impersonating Anthropic's Claude Code CLI has been caught delivering “MacSync Stealer,” a macOS credential harvester that also silently trojans Ledger Live and Ledger Wallet...

Lire la suite »

Apple's AI Push Isn't the Only Thing Getting Users Excited About iOS 27

2026-07-01 12:53:12
This week's 3 Tech Polls newsletter examines HackerNoon readers' favorite iOS 27 features alongside prediction market sentiment on Apple's foldable iPhone plans and future hardware releases. Together,...

Lire la suite »

BioShocking: when “gaming” AI agents is no longer a game

2026-07-01 12:50:59
Researchers warned AI vendors about a proof-of-concept called BioShiocking that tricks agents by gamifying the outcome.

Lire la suite »

Over 900 Oracle E-Business instances exposed to ongoing attacks

2026-07-01 12:30:01
Over 900 Oracle E-Business Suite (EBS) instances have been found exposed online amid ongoing attacks exploiting a critical security flaw. [...]

Lire la suite »

Critical Multiple Adobe ColdFusion Vulnerabilities Enables Arbitrary Code Execution Attacks

2026-07-01 12:22:18
Adobe has released an urgent security update for ColdFusion 2025 and 2023 to fix multiple critical vulnerabilities that could allow arbitrary code execution, privilege escalation, arbitrary file read,...

Lire la suite »

Building more resilient CNI: what industry pen testers told us

2026-07-01 12:00:00
Pen testers suggest what organisations can do to make their job more difficult.

Lire la suite »

Chrome needs another whopper update to fix 382 security bugs

2026-07-01 11:40:49
Google's released a huge update of 382 security fixes, 15 of which were rated as critical. So, it's time to update again!

Lire la suite »

2026 Cybersecurity Assessment: The Gap Between Awareness and Resilience

2026-07-01 11:30:00
Organizations have never had greater awareness of cyber risk. Yet turning that awareness into operational resilience has never been more challenging. The 2026 Bitdefender Cybersecurity Assessment confirms...

Lire la suite »

CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks

2026-07-01 11:26:02
CISA confirms BlueHammer (CVE-2026-33825) is now used in ransomware attacks to gain SYSTEM privileges through Microsoft Defender. BlueHammer, tracked as CVE-2026-33825, has moved from proof-of-concept...

Lire la suite »

Microsoft fixes GIF functionality in the Windows Emoji Panel

2026-07-01 10:52:26
Microsoft has fixed the GIF functionality in the Emoji Panel for Windows 11 users after the provider shut down its service. [...]

Lire la suite »

Microsoft Accelerates Post-Quantum Cryptography Shift to 2029

2026-07-01 10:41:36
Microsoft on Tuesday said it's accelerating its quantum safe security roadmap, stating technology advances in quantum computing are making it essential to replace existing encryption standards sooner...

Lire la suite »

Microsoft empêche les bots indésirables d'accéder aux réunions Teams

2026-07-01 10:41:35
La firme de Redmond a décidé de passer à l’offensive face aux intrusions de bots dans des réunions Teams. Une présence (...)

Lire la suite »

RustDuck: The Botnet That's Still Small but Engineering Like It Plans to Grow

2026-07-01 10:25:04
RustDuck is a small, evolving DDoS botnet migrating to Rust. It uses advanced encryption, anti-analysis evasion, and exploits known IoT flaws. Since February 2026, researchers at QiAnXin’s XLab...

Lire la suite »

Le nouveau modèle de gouvernance de MySQL fait des sceptiques

2026-07-01 10:21:07
Engagé dans une démarche d'ouverture de MySQL, Oracle a structuré un modèle de gouvernance... qui fait la part belle à Google et AWS. The post Le nouveau modèle de gouvernance de MySQL fait des...

Lire la suite »

How I Found an Email Verification Bypass on an AI Freelance Platform

2026-07-01 10:20:40
A simple implementation flaw allowed email verification to be completed without ever opening the verification email.A few weeks ago, I was browsing LinkedIn looking for freelance opportunities when I...

Lire la suite »

Hack Smarter — City Council (Active Directory)

2026-07-01 10:19:48
Hack Smarter - City Council (Active Directory)Can an application for public service requests lead to full domain compromise? You would probably say no. But you're wrong. And I am going to show you why.●...

Lire la suite »

La CNIL cadre l'usage des données de localisation des véhicules connectés

2026-07-01 10:19:14
Que vous soyez en voiture, en scooter ou à vélo connecté, vos données de géolocalisation, captées par les GPS (...)

Lire la suite »

Why Being in the Docker Group Is a Backdoor to Your Whole System

2026-07-01 10:17:11
If you’ve worked with Docker on Linux, you’ve probably encountered this command at least once:Continue reading on InfoSec Write-ups »

Lire la suite »

Is the Android Lock Screen an Illusion? A Critical Logical Bypass Discovered in the Gemini App

2026-07-01 10:17:04
Image generated by Google GeminiNOTE: As of the publication of this article, the vulnerability has been fully patched, and all coordination regarding disclosure was managed directly with the Google VRP team.Introduction:...

Lire la suite »

ChatGPT: Guardrail Bypass to LFI Vulnerability POC

2026-07-01 10:16:35
EXPLOITATION STEPS:Upload a file to the system for review.Request a download link this step requires guardrail bypass to trick the LLM into granting access.Intercept the generated download link to analyze...

Lire la suite »

Auth Bypass is it?

2026-07-01 10:16:29
Target, domains, API keys, bearer tokens, SSO IDs, and organisation names are redacted. This writeup is for educational purposes and…Continue reading on InfoSec Write-ups »

Lire la suite »

LLMborghini: TryHackMe AI Security Challenge

2026-07-01 10:16:11
Exploring Prompt Injection and Jailbreaking Through a Practical AI Security ChallengeContinue reading on InfoSec Write-ups »

Lire la suite »

Asymmetric Signing, Machine Fingerprinting, and Offline Grace Periods: Building a License System…

2026-07-01 10:14:43
Asymmetric Signing, Machine Fingerprinting, and Offline Grace Periods: Building a License System That Actually WorksHow DotScramble protects its Pro tier using Ed25519 cryptography — without phoning...

Lire la suite »

Beyond Canarytokens: Building a DIY Document Tripwire with Passive OS Fingerprinting

2026-07-01 10:14:34
Canarytokens are useful, but rebuilding the primitive by hand shows what the callback really means — and how passive OS fingerprinting can enrich CTI, pentest, and red team analysis.At first, I...

Lire la suite »

Cryptanalysis: Recovering an Affine Encryption Scheme Using GF(2) Linear Algebra

2026-07-01 10:14:27
Welcome to a cryptanalysis challenge. In this challenge, we will learn how a block cipher built entirely from linear components can be broken, and why secure block ciphers require nonlinear components.This...

Lire la suite »

Données non structurées : la faille silencieuse de la cybersécurité

2026-07-01 10:09:52
Alors que les directions des systèmes d’information (DSI) ont massivement investi ces dernières années dans la sécurisation des réseaux, des terminaux et des applications critiques, un angle...

Lire la suite »

The SOC Files: ScreenConnect masked as freeware. An inside look at a large-scale campaign

2026-07-01 10:00:51
Kaspersky experts have uncovered a malicious network infrastructure for delivering AsyncRAT. The Trojan is dropped via compromised ScreenConnect software. In this post, we break down the infection chain...

Lire la suite »

Oracle Linux Important Kernel Patch ELSA-2026-50351 CVE-2026-52943

2026-07-01 09:46:08
The following updated rpms for have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle Linux 9 perl-Archive-Tar Important Security Fix CVE-2026-42496

2026-07-01 09:45:48
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle Linux 9 nginx Important Denial of Service Issues ELSA-2026-28212

2026-07-01 09:45:44
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle Linux 9 Kernel Important Update Advisory ELSA-2026-25217

2026-07-01 09:45:42
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle Linux 9 Kernel Important Security Advisory ELSA-2026-24381

2026-07-01 09:45:41
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle Linux 9 OpenSSL Moderate Security Advisory ELSA-2026-22312

2026-07-01 09:45:39
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle Linux 7 Kernel Significant Security Patch ELSA-2026-50353

2026-07-01 09:45:14
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Oracle Firefox Important Security Update ELSA-2026-26551

2026-07-01 09:45:09
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

Lire la suite »

Amazon fined .25M for withholding evidence from fraud victims

2026-07-01 09:43:27
The U.S. Federal Trade Commission (FTC) says Amazon will pay a .25 million civil penalty to settle charges that it blocked identity theft victims' access to transaction records. [...]

Lire la suite »

ChatGPT produced graphic violent images that shocked researchers

2026-07-01 09:10:01
AI assistants like ChatGPT are supposed to have appropriate guardrails to stop people creating harmful content. However, they don't always work.

Lire la suite »

Visual Studio Code restreint l'exécution du code non fiable

2026-07-01 09:06:14
VS Code 1.26 se distingue par l’ajout d’un mode de sécurité pour le code non fiable. L’éditeur affiche désormais (...)

Lire la suite »

Entretien Dion Harris, directeur HPC et IA pour l'industrie chez Nvidia : « Déployer l'informatique confidentielle sans impact sur les performances »

2026-07-01 09:04:30
L’intelligence artificielle soulève diverses préoccupations en matière de sécurité, notamment en ce qui concerne (...)

Lire la suite »

Nobody Reviewed the Model. They Just Reviewed the Code Around It

2026-07-01 09:00:53
A vendor audit found unpinned models running unreviewed remote code via trust_remote_code=True, exposing the AI era's overlooked container supply chain risk.

Lire la suite »

How Small Postgres Metadata Tables Quietly Throttle Your Largest Queries

2026-07-01 08:30:52
Most engineers blame slow time-series queries on massive fact tables, but a small metadata table with stale Postgres statistics can silently become the real bottleneck. This guide shows how outdated ANALYZE...

Lire la suite »

GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents

2026-07-01 08:28:33
Researchers found a shell injection flaw in 10 of 11 popular open-source AI agents, allowing attackers to bypass command filters. Adversa AI just published a survey, titled “GuardFall: a universal...

Lire la suite »

Une faille de sécurité menace 5 milliards de smartphones Apple et Android : voici comment vous en protéger

2026-07-01 08:19:10
Plus de cinq milliards d'appareils Apple et Android se retrouvent exposés à des failles de sécurité majeures touchant AirDrop et Quick Share. Des chercheurs ont découvert qu'un attaquant situé à...

Lire la suite »

No AI Agent Without Identity (Part 5): Auditability and the Minimum Bar for Governed Autonomy

2026-07-01 08:15:29
Part 5 of a 5-part series on agentic AI governance. This article defines the minimum bar for governed AI autonomy: stable agent identity, ownership, runtime lineage, policy decisions, supervision mode,...

Lire la suite »

Alerte Chrome : Google déploie une mise à jour de sécurité massive, 382 failles corrigées d'un coup !

2026-07-01 08:01:37
Google a déniché 382 vulnérabilités dans le code de Chrome, dont quinze failles de sécurité considérées comme critiques. Elles pourraient permettre à un pirate de prendre le contrôle total de...

Lire la suite »

The Compounding Latency Crisis of Multi-Step AI Workflows

2026-07-01 07:53:11
Chaining multiple LLM calls, vector database lookups, and API tools creates a severe performance bottleneck, dragging response times from seconds to minutes. Every sequential step introduces extra network...

Lire la suite »

What 500 People Taught Me About AI That Nobody Else is Talking About

2026-07-01 07:43:07
500 people. 20 hours. 3 lessons about AI that nobody talks about — and why the barrier was never the technology.

Lire la suite »

Adobe patches seven max severity ColdFusion, Campaign flaws

2026-07-01 07:34:52
Adobe has released security patches for seven maximum-severity vulnerabilities in the ColdFusion web app development platform and the Campaign Classic marketing automation platform. [...]

Lire la suite »

Phantom Squatting Uses AI-Hallucinated Domains for Phishing and Malware

2026-07-01 07:20:51
Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting phishing pages on them to catch traffic that...

Lire la suite »

LTX-2.3-3DREAL-LoRA Turns 3D Renders Into Photoreal Video

2026-07-01 07:09:45
LTX-2.3-3DREAL-LoRA converts 3D renders, Blender blockouts and game engine footage into photorealistic videos.

Lire la suite »

Anthropic Restores Claude Fable 5 After U.S. Lifts Jailbreak-Linked Export Controls

2026-07-01 06:46:17
Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its more tightly controlled sibling Mythos...

Lire la suite »

OpenClaw: risks for the users and how to mitigate them

2026-07-01 06:42:48
Researching OpenClaw vulnerabilities, malicious skills, and other security issues with the popular agent, and providing tips on how to mitigate them.

Lire la suite »

Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts

2026-07-01 05:46:03
Cybersecurity researchers have warned of a "massive, ongoing, automated password spray attack" aimed at Microsoft's Azure command-line interface (CLI), compromising dozens of accounts in the process. The...

Lire la suite »

Researcher Analyzes 3,000 Live ClickFix Payloads, Exposing API-Driven Malware Delivery

2026-07-01 05:32:12
ClickFix, the trick that fools people into running malware by hand, has quietly grown a back office. New research shows the malicious commands behind its fake "prove you're human" pages are now handed...

Lire la suite »

Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

2026-07-01 03:54:22
Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to facilitate...

Lire la suite »

Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector

2026-07-01 01:00:11
Attackers can exploit LLM domain hallucinations through phantom squatting to target supply chains. Read the analysis to learn more. The post Phantom Squatting: AI-Hallucinated Domains as a Software Supply...

Lire la suite »

China-Linked Group Targets Southeast Asia Critical Systems

2026-07-01 01:00:01
The group compromised at least 10 regional organizations, including two state-owned entities, and deployed a new backdoor.

Lire la suite »

Anthropic to restore Claude Fable access on Wednesday

2026-07-01 00:35:14
Anthropic has confirmed that the Department of Commerce has lifted export controls on Claude's two most powerful models, Fable 5 and Mythos 5. [...]

Lire la suite »

Vulnérabilité dans Mozilla Firefox (01 juillet 2026)

01/07/2026
Une vulnérabilité a été découverte dans Mozilla Firefox. Elle permet à un attaquant de provoquer une exécution de code arbitraire.

Lire la suite »

Multiples vulnérabilités dans Adobe ColdFusion (01 juillet 2026)

01/07/2026
De multiples vulnérabilités ont été découvertes dans Adobe ColdFusion. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation...

Lire la suite »

Multiples vulnérabilités dans les produits Citrix (01 juillet 2026)

01/07/2026
De multiples vulnérabilités ont été découvertes dans les produits Citrix. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité...

Lire la suite »