Toute l'actualité de la Cybersécurité
IT Security Guru picks for Infosecurity Europe 2026
2026-06-01 15:16:57
With Infosecurity Europe kicking off tomorrow, many of us will be fine tuning our schedules and prepping for the festivities to kick off. The Gurus have been busy collecting a selection of unmissable...
La sécurité de l'IA devient un enjeu systémique
2026-06-01 14:53:43
Les entreprises ne peuvent pas sécuriser les agents IA en renforçant la robustesse des modèles sous-jacents. Elles doivent plutôt (...)
USN-8055-2: Evolution Data Server vulnerability
2026-06-01 14:51:47
USN-8055-1 fixed a vulnerability in Evolution Data Server. This update
provides the corresponding update for Ubuntu 18.04 LTS and Ubuntu
20.04 LTS.
Original advisory details:
It was discovered that...
RaccoonLine Publishes 2026 dVPN Buyer's Guide for Privacy-Focused Users
2026-06-01 14:50:01
Roma, Італія, 1st June 2026, CyberNewswire
USN-8357-1: Qt Declarative vulnerability
2026-06-01 14:46:41
It was discovered that Qt Declarative did not properly validate the
width and height attributes of image tags in the Text component of Qt
Quick. An attacker could possibly use this issue to cause Qt Declarative
to...
SmartApeSG Campaign Uses ClickFix Scripts to Infect Windows Hosts With RAT Malware
2026-06-01 14:42:22
A well-known social engineering campaign called SmartApeSG is back in the spotlight, this time using ClickFix scripts to quietly plant remote access malware on Windows computers. The campaign lures victims...
Microsoft investigates Office Apps, Teams file access issues
2026-06-01 14:36:46
Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and Office for the web cloud-based productivity suite from opening files. [...]
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit
2026-06-01 14:35:51
Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May.
Multiple Red Hat Cloud Services npm Packages Compromised to Deploy Credential-Stealing Malware
2026-06-01 14:34:58
A significant supply chain attack on June 1, 2026, targeting over 30 official packages under the @redhat-cloud-services npm scope. The campaign, dubbed “Miasma: The Spreading Blight,” is a...
Protection des terminaux : des écarts se créent sur le cœur des offres
2026-06-01 14:32:51
À mesure que s'étend le périmètre d'action des solutions de protection des terminaux, la R&D tend à se détourner du cœur fonctionnel.
The post Protection des terminaux : des écarts se créent...
IA : Ardian et Verne misent 5 milliards € sur une giga infra
2026-06-01 14:07:21
Le fonds Ardian et sa filiale Verne vont investir 5 milliards € dans une giga infrastructure IA de 500 MW en Île-de-France.
The post IA : Ardian et Verne misent 5 milliards € sur une giga infra appeared...
Race Against Time: Why Faster Vulnerability Alerts Matter
2026-06-01 14:00:10
Attackers are exploiting vulnerabilities faster than many organizations can identify and patch them. SecAlerts explains why faster vulnerability alerts can help reduce exposure and improve response times....
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Attacks, OAuth Phishing and More
2026-06-01 13:59:54
Monday hit like a cron job with anger issues.
A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the wild, and then the usual bonus round: poisoned...
Ransomware Operators Keep Business Hours. The Data Proves It
2026-06-01 13:55:20
16,699 ransomware leak posts over 2 years show 84% drop Monday–Friday, peak at European afternoon hours. October spikes yearly. Someone analyzed 16,699 ransomware leak-site posts across 200 groups over...
How to Get a Reddit API Key in 2026: Step-by-Step Guide
2026-06-01 13:31:56
Getting a Reddit API key starts with creating an application through Reddit's developer portal and understanding how its…
85 % des cyberattaques utilisent le protocole RDP pour infiltrer les réseaux en toute discrétion
2026-06-01 13:04:07
{Tribune Expert } - Parce qu'il est profondément intégré aux usages quotidiens des entreprises, le RDP est devenu un vecteur d'attaque privilégié permettant aux attaquants de se fondre dans le...
Nine in Ten Security Leaders Concerned About AI-Generated Code Risks as Salt Security Launches New Governance Tool
2026-06-01 13:01:16
The rapid adoption of AI coding assistants is creating a new governance challenge for enterprise security teams, according to research released by Salt Security, which found that nine in ten security...
CVE-2026-0826: How an Old Bug Can Feed AI-Powered Impersonation
2026-06-01 13:00:00
One of the more persistent myths in security is that old bug classes become old problems. They don't. They just show up in different places, under different conditions, and usually at the exact moment...
CVE-2026-0826: Critical unauthenticated stack buffer overflow in HP Poly VVX and Trio VoIP Phones (FIXED)
2026-06-01 13:00:00
OverviewRapid7 Labs conducted a zero-day research project against an HP Poly VVX 450 Voice over Internet Protocol (VoIP) phone. This research resulted in the discovery of a critical unauthenticated stack-based...
Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts
2026-06-01 12:54:19
pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0.
USN-8351-1: Linux kernel (Low Latency) vulnerabilities
2026-06-01 12:45:59
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges,...
Iranian Hackers Abuse AppDomainManager Hijacking to Evade EDR Detection
2026-06-01 12:40:00
Iranian hackers have taken their cyberespionage playbook to a new level, deploying a sophisticated .NET hijacking technique to slip past endpoint defenses and target organizations across the United States,...
USN-8350-1: Linux kernel (NVIDIA Tegra) vulnerabilities
2026-06-01 12:31:45
It was discovered that the Linux kernel algif_aead module did not properly
handle in-place cryptographic operations. This flaw is known as Copy Fail.
A local attacker could use this to escalate privileges,...
Critical Windows Netlogon RCE flaw now exploited in attacks
2026-06-01 12:30:27
The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon vulnerability...
SideCopy Hackers Deploy Persistent XenoRAT Malware to Target Afghanistan Finance Ministry
2026-06-01 12:27:32
A Pakistan-linked threat group known as SideCopy has launched a focused cyberattack against Afghanistan’s Ministry of Finance, deploying a persistent remote access tool called XenoRAT. The campaign,...
How to Get the Most From Your Explainer Video Production Services
2026-06-01 12:06:37
Video can simplify a hard offer, shorten sales conversations, and improve recall. Those gains depend on disciplined planning…
La France en tête de l'indépendance technologique européenne
2026-06-01 12:05:15
La France apparaît désormais comme le pays le plus avancé dans la construction d'alternatives numériques souveraines, selon (...)
Une majorité de RSSI toujours prêts à payer les rançons
2026-06-01 12:03:07
Selon une récente enquête d’Absolute Security, plus d’un RSSI sur deux se dit prêt à payer une rançon (...)
Webinar tomorrow: From alert to resolution in network incident response
2026-06-01 12:01:09
Network incidents are often detected quickly, but investigations and coordination can delay resolution. Join our webinar tomorrow to learn how automation and AI-assisted workflows can help IT teams accelerate...
China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan
2026-06-01 11:54:24
A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent.
According to Seqrite...
Microsoft fixes outage affecting MFA setup, MySignIn service
2026-06-01 11:40:16
Microsoft is working to address an ongoing incident preventing customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform. [...]
Critical Plesk Vulnerability Let Users Execute Arbitrary Commands on the Server
2026-06-01 11:39:32
A newly disclosed critical vulnerability in Plesk, tracked as CVE-2026-44962, is raising serious security concerns after researchers confirmed it can allow authenticated users to execute arbitrary operating...
CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password
2026-06-01 11:36:20
CVE-2026-8732 in WP Maps Pro lets unauthenticated attackers create WordPress admin accounts. 2,858 attacks blocked in 24 hours. WP Maps Pro plugin allows WordPress site owners to embed Google Maps and...
The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools
2026-06-01 11:30:00
Three years ago, the practical question for an MSP building a cybersecurity practice was which "vCISO platform" to buy. The term was good shorthand for the work at the time: assessments, advisory, reporting,...
Microsoft fixes KB5089549 Windows security update install issues
2026-06-01 10:59:43
Microsoft has resolved a known issue causing installation failures and 0x800f0922 errors when deploying the May 2026 Windows 11 security update (KB5089549). [...]
Iran-Linked Hackers Destroy IT, Backups, and Recovery Systems in Cyberattack targeting Middle East
2026-06-01 10:49:34
Iran-linked hackers have launched a sweeping campaign of digital destruction across the United States and the Middle East, wiping IT systems, erasing backups, and dismantling recovery infrastructure at...
Windows sur Arm : NVIDIA entre officiellement dans la danse
2026-06-01 10:24:20
NVIDIA décline l'architecture DGX Spark en une famille de puces pour les PC Windows, tout en portant l'OS sur DGX Station.
The post Windows sur Arm : NVIDIA entre officiellement dans la danse appeared...
New DriveSurge Threat Actor Uses ClickFix and Fake Updates to Infect Website Visitors
2026-06-01 10:14:29
A newly identified threat actor named DriveSurge has been quietly compromising thousands of legitimate websites to push malware onto unsuspecting visitors. Using a combination of fake browser update pages...
Containers on fire: from container escapes to supply chain attacks
2026-06-01 10:00:06
We break down the primary attack vectors in containerized environments: exposed secrets, privilege misconfigurations, API compromise, and supply chain attacks.
Autonomous Agentic Systems: A Practical Guide to "Always-On" Agents
2026-06-01 09:59:18
A practical guide to designing, operating and scaling “always-on” agents: from basic Agentic Loops to Scalable Autonomous Agentic Systems.
CIFSwitch, a Linux Root Bug Hidden in Plain Sight for 19 Years
2026-06-01 09:55:15
CIFSwitch is a 19-year-old Linux logic bug turning forged CIFS auth keys into root. Affects Mint, CentOS, Rocky, Kali, SLES. CIFSwitch stands apart from typical privilege escalation vulnerabilities because...
How I built local-first memory for Claude Code, Cursor, and Codex - 94.5% LoCoMo recall@10, 70ms p50
2026-06-01 09:48:20
PMB is an open-source MCP memory server for Claude Code, Cursor, and Codex. It runs 100% locally (SQLite + LanceDB), needs zero API keys, and hits 94.5% LoCoMo recall@10 at 70ms p50 - matching or beating...
Microsoft Investigates MFA Setup Failure and MySigns-In Portal Outage
2026-06-01 09:48:05
Microsoft is currently investigating a service disruption affecting users attempting to set up multi-factor authentication (MFA) or access the self-service sign-in portal at mysignins.microsoft.com. The...
AI Is Not a Football Team: Why I'm Still Trying to Figure This Out
2026-06-01 09:40:51
Tired of the AI shouting match? Good. The useful question isn't which team you're on, it's what you're choosing every time you use, fear, or build with it.
Why Institutional Credit Is Moving to Trade Finance Rails
2026-06-01 09:35:55
RWA tokenization reached B in early 2025, dominated by names like BlackRock and JP Morgan on Ethereum and Solana. But trade finance — which handles 80% of global trade and still runs on paper-based...
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
2026-06-01 09:31:15
Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI.
The tool, named codexui-android,...
Four Reasons Why Strategic QA Is a Fintech Superpower
2026-06-01 09:20:22
With shift-left practices, AI-assisted testing, and standardised governance, a modern QA strategy lets fintech teams ship faster with fewer surprises.
USN-8349-1: rsync vulnerabilities
2026-06-01 09:20:17
Calum Hutton discovered that rsync contained a heap-based out-of-bounds
read when handling file transfers. A remote attacker with read access
to an rsync server could possibly use this issue to cause...
Programmable payment Recovery in Failing Networks
2026-06-01 09:16:27
Every payment system has a gap between sending an instruction and receiving confirmation. In Lagos or Nairobi, that gap is not an edge case. x402-recovery models it as an explicit state machine, so your...
The Great American Grid - Rebooted
2026-06-01 09:08:17
Inside the American power grid — buckling under AI, on fire in the West, and finally being rewired by the people who broke it.
LSN-120-1: Kernel Live Patch Security Notice
2026-06-01 09:05:55
In the Linux kernel, the following vulnerability has been
resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If
kvm_arch_vcpu_create() fails to share the vCPU page with the hypervisor, we
propagate...
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
2026-06-01 08:45:29
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious administrator...
U.S. CISA adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog
2026-06-01 08:36:29
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Networks PAN-OS flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency...
How Binance Is Closing the B Infrastructure Gap Between TradFi and Crypto: Institutional Reporting
2026-06-01 08:35:25
Binance has launched OMS Toolkit, a bundled institutional exchange solution that gives order management system providers and other trading technology platforms native visibility into how their clients...
Konica Minolta renforce la sécurité sur ses derniers multifonctions bizhub
2026-06-01 08:35:00
Konica Minolta ajoute à son portfolio les imprimantes multifonctions bizhub i-Series C268i, 328i et 258i, destinées aux PME et aux grands (...)
Antoine Hennuy nommé RSSI du CHU de Brest
2026-06-01 08:34:14
Depuis avril 2026, Antoine Hennuy remplace Jean-Sylvain Chavanne au poste de RSSI du CHU de Brest et du Groupement Hospitalier de Territoire (...)
Microsoft Tightens Entra ID Password Resets With New Authentication Change
2026-06-01 08:32:54
Microsoft has announced a significant security update to its Entra ID Self-Service Password Reset (SSPR) feature, introducing stricter authentication requirements designed to reduce identity-based attacks....
Your phone called. It needs a cleanup.
2026-06-01 08:31:44
Introducing Android Junk Cleaner. It scans your phone for leftover files, temporary data, and outdated caches that build up and slow down your device.
The Engineering Leader's Guide to AI Tools for Software Development
2026-06-01 08:30:27
Engineering teams now rely on dozens of disconnected AI tools across planning, coding, testing, debugging, and SRE. This fragmentation creates costly context gaps and slower incident resolution. This...
The Greece Directive
2026-06-01 08:30:25
After Lucy breaks off her engagement to Cecil, Windy Corner becomes tense and emotionally fractured. Mr. Beebe learns the news and supports Lucy's sudden desire to escape to Greece with the Miss Alans....
The Hidden Insanity of DynamoDB Pricing
2026-06-01 08:15:04
DynamoDB's pricing model contains several costly quirks that become brutal at scale. From punitive item-size billing and expensive on-demand pricing to hidden Global Tables transfer fees and risky reserved...
17 millions de PC, tablettes et smartphones piratés : un monstrueux botnet a été démantelé aux Pays-Bas
2026-06-01 08:15:00
Les Pays-Bas viennent de démanteler l'un des plus grands botnets jamais enregistrés. Le réseau de 17 millions d'appareils infectés, piloté depuis plus de 200 serveurs hébergés aux Pays-Bas, a été...
Why We Built LiveView: Moving FastNetMon from the Terminal to the Operational Surface
2026-06-01 08:00:04
This article argues that modern DDoS mitigation is largely an automation problem that has already been solved, but observability remains a challenge. It introduces FastNetMon LiveView as a browser-based...
Rapid7 and Exclusive Networks Expand Partnership Across the Nordics
2026-06-01 08:00:00
Building stronger cybersecurity outcomes togetherThe cybersecurity landscape across the Nordics is evolving rapidly. Organizations are facing increasing pressure to modernize security operations, reduce...
Famous Chollima Hackers Target PHP Developers Using Compromised Packagist Package
2026-06-01 07:45:09
A well-known North Korean threat actor has been caught hiding malware inside a legitimate PHP package available through Packagist, the main package repository for PHP projects. The attack takes direct...
Edmunds - 177,860 breached accounts
2026-06-01 07:39:02
In January 2026, the automotive research and car-shopping platform Edmunds was listed by the ShinyHunters hacking group as having been breached. Data purportedly obtained in the incident was later published...
The Pentagon Finally Admits That Location Data Is a Battlefield Problem
2026-06-01 07:18:51
The Pentagon confirmed adversaries are using commercial location data to track U.S. troops, exposing risks tied to smartphones and ad-tech networks. For years, security researchers, privacy advocates,...
A week in security (May 25 – May 31)
2026-06-01 07:01:00
A list of topics we covered in the week of May 25 to May 31 of 2026
How Bug Bounty Hunters Are Using Claude Code.
2026-06-01 06:27:42
The community has been quietly building something powerful. I went and found it.Continue reading on InfoSec Write-ups »
Common Mistakes Made by Cybersecurity Beginners
2026-06-01 06:27:21
Every 8 out of 10 beginners make these common mistakes during the beginning stage of cybersecurityCybersecurity is a vast field. It encompasses many domains, such as Incident Response, SOC, Blue Team,...
Google Dorks Google Ko Bana Do Apna Hacking Tool: Free Mein Bugs Dhundho! (Hinglish Mein)
2026-06-01 06:25:45
Series: Bug Bounty Zero se Hero 🦸 | Article #11By HackerMD | 17 min readAaj Kya Seekhenge?Google Dorks kya hai bilkul basics seKaise kaam karta hai Google index ki powerSabhi operators ek ek deeplyBug...
Interpreter HTB — HackTheBox Walkthrough | By Alham Rizvi
2026-06-01 06:21:48
EnumerationWe begin by mapping the target domain locally so the application resolves correctly.echo "ip interpreter.htb" >> /etc/hostsThis command adds an entry in /etc/hosts, allowing...
« Le meilleur antivirus de 2026 » : l'énorme bourde de Microsoft
2026-06-01 05:52:55
Microsoft a affirmé dans un article de blog que sa protection intégrée était le meilleur antivirus de 2026, avant de supprimer discrètement l'article quelques semaines plus tard. Plusieurs raisons...
Payment apps are watching what you say (Lock and Code S07E11)
2026-06-01 01:52:57
This week on the Lock and Code podcast, we speak with Rainey Reitman about financial censorship that boots customers off major payment apps.
Vulnérabilité dans Kaspersky Anti Targeted Attack Platform (01 juin 2026)
01/06/2026
Une vulnérabilité a été découverte dans Kaspersky Anti Targeted Attack Platform. Elle permet à un attaquant de provoquer un déni de service à distance.
Vulnérabilité dans Keycloak (01 juin 2026)
01/06/2026
Une vulnérabilité a été découverte dans Keycloak. Elle permet à un attaquant de provoquer une atteinte à la confidentialité des données et un contournement de la politique de sécurité.
Vulnérabilité dans Laravel (01 juin 2026)
01/06/2026
Une vulnérabilité a été découverte dans Laravel. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Multiples vulnérabilités dans les produits NetApp (01 juin 2026)
01/06/2026
De multiples vulnérabilités ont été découvertes dans les produits NetApp. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité...
Multiples vulnérabilités dans les produits Mitel (01 juin 2026)
01/06/2026
De multiples vulnérabilités ont été découvertes dans les produits Mitel. Elles permettent à un attaquant de provoquer une élévation de privilèges.
Vulnérabilité dans Microsoft Azure (01 juin 2026)
01/06/2026
Une vulnérabilité a été découverte dans Microsoft Azure. Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans les produits Microsoft (01 juin 2026)
01/06/2026
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.