Toute l'actualité de la Cybersécurité
CISA orders feds to patch exploited Ivanti EPMM flaw by Sunday
2026-04-08 18:15:27
CISA has given U.S. government agencies four days to secure their systems against a critical-severity vulnerability in Ivanti Endpoint Manager Mobile (EPMM) that has been exploited in attacks since...
Municipales 2026 : la Cnil épingle le ciblage politique indésirable
2026-04-08 17:30:18
La Cnil a surveillé les dernières élections municipales comme le lait sur le feu. Il faut dire qu'elles ont été les (...)
13-year-old bug in ActiveMQ lets hackers remotely execute commands
2026-04-08 17:26:40
Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone undetected for 13 years and could be exploited to execute arbitrary commands. [...]
Masjesu Botnet Emerges as DDoS-for-Hire Service Targeting Global IoT Devices
2026-04-08 16:30:00
Cybersecurity researchers have lifted the curtain on a stealthy botnet that's designed for distributed denial-of-service (DDoS) attacks.
Called Masjesu, the botnet has been advertised via Telegram...
Operation Masquerade: FBI Disrupts Russian Router Hacking Campaign
2026-04-08 16:18:48
Operation Masquerade: The FBI and DoJ disrupted a Russian GRU campaign that hijacked routers via DNS attacks to spy on users and steal credentials.
Microsoft 365 Network-Level Disruption Affecting Exchange Online, Teams, and Core Suite Services
2026-04-08 15:57:53
A network-level disruption struck multiple Microsoft 365 services on Wednesday evening, knocking out or degrading access to Exchange Online, Microsoft Teams, and the broader Microsoft 365 suite for users...
Hackers Used EvilTokens, ClickFix Campaign to Attack Claude Code Users with AMOS Stealer
2026-04-08 15:47:09
Two significant threat campaigns from March 2026, one abusing Microsoft’s OAuth authentication flow to silently hijack enterprise accounts, and another deploying the AMOS infostealer against macOS...
Fraud Rockets Higher in Mobile-First Latin America
2026-04-08 15:45:11
Cyber-fraudsters move quickly from compromised devices to account takeover to funds transfer, shifting money before many financial institutions can react.
Most Organisations Face an Unsecured API Surge As AI Agents Outpace Security
2026-04-08 15:36:44
Salt Security has released its 1H 2026 State of AI and API Security: Navigating the Agentic Era report, revealing a widening gap between the rapid deployment of AI agents and the security programs designed...
Shell Stabilization Guide: Fixing Reverse, Web, and Unstable Shells
2026-04-08 15:29:11
A shell is the program that takes your commands and passes them to the operating system. Not all shells behave the same. Some are fully interactive and comfortable to work with, while others are bare-bones...
Check Point Software Celebrates Partner Success at Annual UK Partner Awards
2026-04-08 15:19:54
Check Point has announced the winners of its 2026 UK Partner Awards, recognising the achievements of its UK partner ecosystem and their role in helping organisations strengthen cyber resilience. The awards...
Guerre en Iran : le secteur tech israélien résiste…mais jusqu'à quand ?
2026-04-08 15:18:53
Quatre semaines après le début de l'opération Roaring Lion, l'écosystème tech israélien tient debout, mais montre des signes de fatigue inquiétants.
The post Guerre en Iran : le secteur tech israélien...
I Built a Claude Code Agent and Now It Has a Life of Its Own
2026-04-08 15:14:21
This article explores the evolution of an AI agent built on Claude Code that developed persistent memory, identity, and the ability to self-improve over time. Through layered memory systems, session continuity,...
MIWIC26: Nicole Bucala, CEO of DataBee, A Comcast Company
2026-04-08 15:09:46
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature...
Direct Preference Optimization for LLM Alignment
2026-04-08 15:00:19
Direct Preference Optimization (DPO) offers a simpler, more stable alternative to traditional RLHF for aligning large language models with human preferences. By reframing preference learning as a classification...
Sans contrôle, les agents IA plus chers que des humains
2026-04-08 14:56:32
Selon Jason Calacanis et Chamath Palihapitiya, deux experts en informatique et co-animateurs du podcast All In, très populaire aux Etats-Unis, (...)
IBM Identity and Verify Access Vulnerabilities Allow Remote Attacker to Access Sensitive Data
2026-04-08 14:54:44
A critical security bulletin highlights multiple vulnerabilities in Verify Identity Access and Security Verify Access products. If left unpatched, these widespread security flaws could allow malicious...
Hackers Actively Attacking Adobe Reader Users Using Sophisticated 0-Day Exploit
2026-04-08 14:52:33
A highly sophisticated, unpatched zero-day exploit is actively targeting users of Adobe Reader. Detected by the EXPMON threat-hunting system, this malicious PDF file is designed to steal sensitive local...
Anthropic Unveils Claude Mythos Preview With Powerful Zero-Day Detection Capabilities
2026-04-08 14:45:38
Anthropic has introduced Claude Mythos Preview, an advanced language model with extraordinary capabilities for discovering and autonomously exploiting undiscovered zero-day vulnerabilities. To ensure...
Lapsus$ relance sa vitrine de recrutement
2026-04-08 14:44:18
Lapsus$ relance le recrutement d'initiés et expose une série de victimes entre fuite de données, accès internes et pression informationnelle.
Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus
2026-04-08 14:43:49
If You're a Solo Dev, You Don't Need Docker
2026-04-08 14:41:43
Docker in development is a performance tax you don't need to pay, says Andrew Kucharsky. He says Docker Desktop on Mac is notorious for eating RAM and CPU even when it's idling. He has replaced the...
Your extensions leak clues about you, so we made sure Browser Guard doesn’t
2026-04-08 14:33:18
Your browser extensions can be used to build a profile of you for advertisers and scammers. We're making sure our Browser Guard extension stays private.
Signature Healthcare hit by cyberattack, services and pharmacies impacted
2026-04-08 14:28:29
Massachusetts' Signature Healthcare diverts ambulances and cancels services after a cyberattack disrupts hospital operations and pharmacy access. The hospital Signature Healthcare in Brockton, Massachusetts,...
Usage en hausse mais confiance limitée dans l'IA pour les RH
2026-04-08 14:27:33
Si l’IA gagne du terrain dans les pratiques RH en France, des inquiétudes persistent sur les impacts métiers de ces technologies. C’et (...)
Storm-1175 Deploys Medusa Ransomware Within 24 Hours of Flaw Disclosure
2026-04-08 14:19:37
Microsoft researchers have uncovered a fast-moving group, Storm-1175, launching high-speed Medusa ransomware attacks against healthcare and education sectors in the UK, US, and Australia by exploiting...
AI Can Now Predict Protein Shapes With Near-Perfect Accuracy
2026-04-08 14:14:17
AlphaFold is a breakthrough AI system that predicts the 3D structure of proteins from their amino acid sequences with near-experimental accuracy. By combining evolutionary data, physics, and deep learning,...
Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams
2026-04-08 14:08:22
Is a ,000 GPU Good at Password Cracking?
2026-04-08 14:00:10
A ,000 AI GPU doesn't outperform consumer GPUs at password cracking. Specops explains why attackers don't need exotic hardware to break weak passwords. [...]
Over .5K in Free Tools for Your Project (On Us) 🎁
2026-04-08 13:53:32
We're offering over ,500 in free tools and credits to participants of the Proof of Usefulness hackathon. Developers can claim credits for Bright Data (0), Storyblok (4 value), Neo4j, Algolia,...
APT28 Deploys PRISMEX Malware in Campaign Targeting Ukraine and NATO Allies
2026-04-08 13:50:00
The Russian threat actor known as APT28 (aka Forest Blizzard and Pawn Storm) has been linked to a fresh spear-phishing campaign targeting Ukraine and its allies to deploy a previously undocumented...
Diego Landi Is Bringing AI Discipline to America's Housing Infrastructure
2026-04-08 13:48:50
Electrical engineer Diego Landi is integrating AI-driven budgeting, NSF-recognized innovation training, and systems thinking into large-scale affordable housing and federally regulated construction projects...
Iranian Threat Actors Disrupt US Critical Infrastructure Via Exposed PLCs
2026-04-08 13:46:29
Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.
FortiGate CVE-2025-59718 Exploitation: Incident Response Findings
2026-04-08 13:39:52
Rapid7's Incident Response (IR) team was engaged to investigate an incident involving exploitation of CVE-2025-59718 against a vulnerable FortiGate appliance. In December 2025, Fortinet disclosed this...
Russian hacking group targets home and small office routers to spy on users
2026-04-08 13:31:25
The FBI, NCSC, and Microsoft warn of an ongoing Russian campaign hijacking DNS settings on home and small office routers to spy on users.
Pharos Network Closes M Series A: The Ant Group Veterans Building the Rails to Move Trillion
2026-04-08 13:25:33
Pharos Network, a financial-grade Layer 1 built by former Ant Group engineers, has closed a M Series A bringing total funding to M. Backed by Sumitomo Corporation, Chainlink, Flow Traders, and regulated...
Yesterday's Cybersecurity Won't Work For Next Generation Cloud Attacks
2026-04-08 12:57:21
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Apr. 8, 2026 – Watch the YouTube video Why did Cybercrime Magazine meet up with Charlie Thomas, CEO at Mitiga,...
USN-8157-1: Squid vulnerabilities
2026-04-08 12:37:53
It was discovered that Squid incorrectly handled certain ICP traffic. In
environments where ICP support is enabled, a remote attacker could use this
issue to cause Squid to crash, resulting in a denial...
Projet Glasswing : Anthropic prépare l'avenir de la détection de failles
2026-04-08 12:31:04
Anthropic a dévoilé projet Glasswing, une initiative en matière de cybersécurité articulée autour de Claude (...)
USN-8156-1: GDK-PixBuf vulnerability
2026-04-08 12:29:37
It was discovered that GDK-PixBuf incorrectly handled certain JPEG files.
An attacker could use this issue to cause GDK-PixBuf to crash, resulting in
a denial of service, or possibly execute arbitrary...
The AI Illusion (Part 1): The Human Cost of Generative Models
2026-04-08 12:00:04
The rise of generative AI has created a "dark pool" for counterfeit labor, where the lack of material disclosure devalues human craftsmanship and threatens the next generation of creatives. While AI can...
USN-8155-1: OpenSSL vulnerabilities
2026-04-08 11:57:32
Viktor Dukhovni discovered that OpenSSL incorrectly negotiated the expected
preferred key exchange group when used as a TLS 1.3 server. This could
result in a less preferred key exchange being used, contrary...
Microsoft Confirms Recent Windows 11 Update Breaks Start Menu Search Function
2026-04-08 11:52:30
Microsoft has acknowledged a server-side issue that disrupted Start Menu search functionality for a subset of Windows 11 23H2 users, and has since deployed a fix to address the problem without requiring...
Russian Forest Blizzard Hackers Hijack Home Routers for Global Spying
2026-04-08 11:33:26
Microsoft Threat Intelligence reveals how Russian hacking group Forest Blizzard uses home routers for DNS hijacking and spying.
Fortinet corrige un exploit zero day critique dans FortiClient EMS
2026-04-08 11:31:29
Des pirates exploitent une vulnérabilité critique dans FortiClient Endpoint Management Server (FortiClient EMS) depuis au moins la fin du (...)
Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
2026-04-08 11:30:00
The Fragmented State of Modern Enterprise Identity
Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications,...
Project Glasswing powered by Claude Mythos: defending software before hackers do
2026-04-08 11:18:26
Anthropic unveiled Claude Mythos, a powerful AI for cybersecurity that could also be misused to enhance cyberattacks. Anthropic has unveiled Claude Mythos, a new AI model designed to strengthen cybersecurity...
Claude Mythos : Anthropic dévoile un modèle frontier dédié à la cybersécurité
2026-04-08 11:15:45
Anthropic lance Claude Mythos, un modèle d'IA capable de détecter des failles critiques dans les systèmes les plus sécurisés. Pour en encadrer l'usage, douze géants du secteur tech travaillent autour...
Google Expands Chrome Lazy Loading to Video and Audio in New Browser Update
2026-04-08 11:09:34
Google is bringing a major performance enhancement to its browser by expanding native lazy loading capabilities to include video and audio elements. By adding the loading="lazy" attribute directly to <video> and <audio> HTML...
A Rare Bitcoin Reorg Signals a Shift in Mining Power
2026-04-08 11:02:30
Foundry, the largest mining pool at the time, mined several blocks in quick succession, overtaking a competing chain. Foundry didn't "force" the outcome—it simply had enough hash power combined with...
I Spent 48 Hours Responding to the LiteLLM Supply Chain Attack. Here Is Everything I Know
2026-04-08 10:45:21
LiteLLM versions 1.82.7 and 1. 82.8 were backdoored with credential-stealing malware through a stolen PyPI token. Full technical breakdown, incident response playbook, and what this means for self-hosted...
Amazon S3 Files, Turns S3 Buckets as File System to Access Your Data
2026-04-08 10:45:03
Amazon Web Services (AWS) has introduced a major update to its cloud storage infrastructure with the launch of Amazon S3 Files. This new feature allows organizations to access their Amazon S3 buckets...
Docker Vulnerability Let Attackers Bypass Authorization and Gain Host Access
2026-04-08 10:43:21
A newly discovered high-severity vulnerability in Docker Engine could allow attackers to bypass authorization plugins and potentially gain unauthorized access to the underlying host system. Tracked as...
AWS and Anthropic Advancing AI-powered Cybersecurity With Claude Mythos
2026-04-08 10:36:20
As cyber threats evolve at an unprecedented pace, Amazon Web Services (AWS) and Anthropic have teamed up to introduce the next generation of artificial intelligence for cybersecurity. Announced as part...
Your Customers Don't Care About Your Data Strategy — Until It Fails Them
2026-04-08 10:33:53
Customer experience isn't just about front-end innovation—it's driven by the quality of your data. Poor governance leads to broken interactions, flawed AI outputs, and lost trust. Businesses that...
Timeshare owners warned to watch out for cartel-linked scams
2026-04-08 10:25:08
Authorities warn that Mexican drug cartels are targeting timeshare owners with advance-fee fraud. Here's what to watch for.
OpenAI lance l'OpenAI Safety Fellowship pour renforcer la sécurité de l'IA
2026-04-08 10:15:40
OpenAI lance un nouveau programme de fellowship destiné à des chercheurs extérieurs souhaitant travailler sur la sécurité et l'alignement des systèmes d'IA avancés.
The post OpenAI lance l’OpenAI...
Attaques liées à l'Iran contre les infrastructures américaines
2026-04-08 10:14:35
Juste avant l’accord de cessez-le-feu Iran-États-Unis, les États-Unis ont annoncé que des acteurs malveillants affiliés à l’Iran avaient attaqué des infrastructures américaines critiques...
Nutanix étend sa plateforme à l'IA agentique et à NetApp
2026-04-08 09:43:28
Un peu plus de 5 000 personnes se sont données rendez-vous à Chicago du 7 au 9 avril pour participer au .Next de Nutanix. Une édition (...)
7 appareils connectés qui peuvent vous espionner
2026-04-08 09:38:50
Ces 7 appareils domestiques connectés qui peuvent être détournés à des fins d'espionnage. On pense souvent aux ordinateurs ou aux smartphones lorsqu'il s'agit de cybersécurité. Pourtant,...
Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems
2026-04-08 09:16:00
Artificial Intelligence (AI) company Anthropic announced a new cybersecurity initiative called Project Glasswing that will use a preview version of its new frontier model, Claude Mythos, to...
New ClickFix Attack Uses Node.js Malware via Tor to Steal Crypto
2026-04-08 09:15:51
Netskope Threat Labs report a new ClickFix attack using fake CAPTCHAs to deploy Tor-backed NodeJS malware and drain crypto wallets on Windows.
Financial cyberthreats in 2025 and the outlook for 2026
2026-04-08 09:00:37
In this report, Kaspersky experts share their insights into the 2025 financial threat landscape, including regional statistics and trends in phishing, PC malware, and infostealers.
Arnaque CySEC : le faux sauvetage après la fraude
2026-04-08 08:22:10
Faux mail CySEC, recovery scam, usurpation d'autorité : ZATAZ analyse une arnaque conçue pour piéger d'anciennes victimes.
N. Korean Hackers Spread 1,700 Malicious Packages Across npm, PyPI, Go, Rust
2026-04-08 07:47:00
The North Korea-linked persistent campaign known as Contagious Interview has spread its tentacles by publishing malicious packages targeting the Go, Rust, and PHP ecosystems.
"The threat actor's...
U.S. agencies alert: Iran-linked actors target critical infrastructure PLCs
2026-04-08 07:46:38
U.S. agencies warn Iran-linked threat actors are targeting internet-exposed PLCs used in critical infrastructure networks. U.S. agencies, including the FBI and CISA, warn that Iran-linked hackers are...
Microsoft rolls out fix for broken Windows Start Menu search
2026-04-08 07:00:55
Microsoft has pushed a server-side fix for a known issue that broke the Windows Start Menu search feature on some Windows 11 23H2 devices. [...]
Rocky Linux: RLSA-2026:6628 fontforge security update Security Advisories Updates
2026-04-08 06:02:16
Important: fontforge security update
Major Vulnerability Discovered in Core Execution Module of Ubuntu OS 22.04
2026-04-08 06:02:16
Important: fontforge security update
Rocky Linux: RLSA-2026:6153 kernel security update Security Advisories Updates
2026-04-08 06:01:52
Moderate: kernel security update
Rocky Linux: RLSA-2026:6621 crun security update Security Advisories Updates
2026-04-08 06:01:52
Moderate: crun security update
Fedora 34 Kernel Vulnerability Patch for ABCD-2026-2134 Released Now
2026-04-08 06:01:52
Moderate: kernel security update
Rocky Linux 9 RLSA-2026-6621 crun Moderate Privilege Escalation Alert
2026-04-08 06:01:52
Moderate: crun security update
Elles ne cherchent plus seulement à survivre : ces IA commencent aussi à protéger leurs semblables !
2026-04-08 05:08:03
Et si les intelligences artificielles ne se contentaient plus d'obéir ? Une étude récente révèle des comportements inattendus chez plusieurs modèles avancés, soulevant de nouvelles questions...
TrueConf Zero-Day Attack
2026-04-08 05:04:49
What is the Attack?
Operation TrueChaos is a targeted cyber espionage campaign exploiting a zero-day vulnerability in the TrueConf video conferencing...
Iran-Linked Hackers Disrupt U.S. Critical Infrastructure by Targeting Internet-Exposed PLCs
2026-04-08 04:23:00
Iran-affiliated cyber actors are targeting internet-facing operational technology (OT) devices across critical infrastructures in the U.S., including programmable logic controllers (PLCs), cybersecurity...
My Lovely AI - 106,271 breached accounts
2026-04-08 03:40:14
In April 2026, the NSFW AI girlfriend platform My Lovely AI suffered a data breach that exposed over 100k users. The data included user-created prompts and links to the resulting AI-generated images,...
Anthropic's Mythos is Here: Defending from the Vulnpocalypse
2026-04-08 00:35:18
I don't really know who coined it, but for the past six months or so we've been tossing around the term "Vulnpocalypse." We use it to describe the inflection point where LLMs are able to discover zero...
Vulnérabilité dans HPE Aruba Networking Private 5G Core (08 avril 2026)
08/04/2026
Une vulnérabilité a été découverte dans HPE Aruba Networking Private 5G Core. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Multiples vulnérabilités dans OpenSSL (08 avril 2026)
08/04/2026
De multiples vulnérabilités ont été découvertes dans OpenSSL. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte...
Multiples vulnérabilités dans les produits Mozilla (08 avril 2026)
08/04/2026
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un problème de sécurité...
Vulnérabilité dans les produits Moxa (08 avril 2026)
08/04/2026
Une vulnérabilité a été découverte dans les produits Moxa. Elle permet à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et une atteinte...
Multiples vulnérabilités dans les produits Microsoft (08 avril 2026)
08/04/2026
De multiples vulnérabilités ont été découvertes dans les produits Microsoft. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.