Toute l'actualité de la Cybersécurité
Les demandes d'assistance pour cyberharcèlement se multiplient chez les publics professionnels
2026-03-27 18:07:54
Les demandes d'assistance pour cyberharcèlement faites à Cybermalveillance.gouv.fr par des publics professionnels ont triplé en un an.
The post Les demandes d’assistance pour cyberharcèlement...
Google Sets 2029 Deadline as Quantum Computers Threaten Encryption
2026-03-27 18:02:45
Google fast-tracks post-quantum cryptography with a 2029 deadline as researchers warn quantum computers could break current encryption sooner than expected.
Who's Who In Domain Security: 10 Companies To Watch In 2026
2026-03-27 17:32:15
Resource guide for CISOs and MSSPs – Steve Morgan, Editor-in-Chief Sausalito, Calif. – Mar. 27, 2026 Domain security unexpectedly and repeatedly came up in Cybercrime Magazine's discussions with...
Tensions sur les achats de batterie pour datacenter
2026-03-27 17:30:13
Après la mémoire, va-t-on vers une pénurie de batteries pour les datacenters utilisées en cas de panne ou d'incident ? C'est (...)
Apple Sends Lock Screen Alerts to Outdated iPhones Over Active Web-Based Exploits
2026-03-27 17:22:00
Apple is now sending Lock Screen notifications to iPhones and iPads running older versions of iOS and iPadOS to alert users of web-based attacks and urge them to install the update.
The development was...
FBI Chief Kash Patel's Gmail Account was Hacked by Iranian Hackers
2026-03-27 17:21:54
Iran-linked hackers have claimed responsibility for breaching FBI Director Kash Patel’s personal Gmail inbox, leaking photographs, documents, and email correspondence online. The hacker group Handala...
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
2026-03-27 16:53:00
TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.
The...
Fake VS Code alerts on GitHub spread malware to developers
2026-03-27 16:51:52
A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading malware....
China Upgrades the Backdoor It Uses to Spy on Telcos Globally
2026-03-27 16:48:49
Chinese APT Red Menshen's super-advanced BPFdoor malware defeats traditional cybersecurity protections. All telcos can do, really, is try hunting it down.
BreachForums, chronique d'une succession toxique
2026-03-27 16:10:08
BreachForums se fracture en héritages rivaux, clones et récits concurrents dans une guerre de succession cyber.
What Professional Writers Do That Amateurs Don't
2026-03-27 16:00:39
The difference between a professional writer and an amateur is rarely raw talent.
BianLian Ransomware Spreads via Fake Invoice SVG Images in New Attacks
2026-03-27 15:43:07
Researchers at WatchGuard have identified a new phishing campaign targeting companies in Venezuela. Using malicious SVG image files…
You Can't Growth-Hack Developer Trust
2026-03-27 15:30:39
Startup teams often assume trust is built through better messaging. But with developers, trust is build in the product reality that comes after the message.
New AITM phishing wave hijacks TikTok Business accounts
2026-03-27 15:23:28
A new AITM phishing campaign targets TikTok Business accounts to hijack them for malvertising, continuing tactics seen in earlier Google-themed scams. Push Security researchers uncovered a new wave of...
MIWIC26: Dr Catherine Knibbs, Founder and CEO of Children and Tech
2026-03-27 15:03:52
Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature...
HackerNoon Projects of the Week: Ravasend, polluSensWeb, and Nullmail
2026-03-27 15:00:41
HackerNoon Projects of the Week spotlights projects that have proven their worth and usefulness. This week, we spotlight Ravasend, polluSensWeb, and Nullmail.
CISA and BSI warn orgs of critical PTC Windchill and FlexPLM flaw
2026-03-27 14:58:30
CISA warns of a critical flaw in PTC Windchill and FlexPLM (CVE-2026-4681), with no patch yet and potential for imminent exploitation. CISA issued an advisory about a critical vulnerability, tracked as...
Wartime Usage of Compromised IP Cameras Highlight Their Danger
2026-03-27 14:42:31
The list of countries exploiting internet-connected cameras to give them eye's inside their adversaries' borders continues to expand, with Russia, Iran, Israel, Ukraine, and the United States all using...
Le SDK de voix IA « Telnyx » a été compromis dans le cadre de la campagne TeamPCP
2026-03-27 14:32:03
JFrog Security Research vient de mettre au jour une faille majeure affectant la bibliothèque PyPI de telnyx, un SDK essentiel utilisé par les développeurs pour intégrer des agents vocaux IA et des...
Why CVSS is No Longer Enough for Exposure Management
2026-03-27 14:28:56
For years, cybersecurity professionals have relied on a familiar metric to dictate their day-to-day priorities: the Common Vulnerability Scoring System (CVSS). In today's hyper-connected, sprawling...
Critical Citrix NetScaler Flaw Draws CitrixBleed Comparisons as Exploitation Window Narrows
2026-03-27 14:24:16
A critical vulnerability in Citrix NetScaler ADC and NetScaler Gateway is drawing urgent warnings from the security community, with experts cautioning that exploitation could be imminent and that the...
HP change d'approche sur l'IA locale
2026-03-27 14:12:25
Sous la marque HP IQ, une approche moins liée aux PC Copilot+ se met en place, à l'appui d'un autre modèle que pour l'application AI Companion.
The post HP change d’approche sur l’IA locale...
Novava Launches a Game-Changing Futures-First Crypto Exchange for Serious Traders
2026-03-27 14:11:53
Novava is a new cryptocurrency exchange designed specifically for traders. Novava has a team of over 50 professionals, including hackers, quants, and active traders.
Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.
2026-03-27 14:02:12
Agentic GRC automates workflows, forcing teams to rethink their role beyond operations. Anecdotes explains why the biggest challenge is shifting from execution to risk leadership. [...]
New Silver Fox Campaign Hits Japanese Businesses With Tax-Themed Phishing Lures
2026-03-27 14:00:32
Japan’s tax season has become a hunting ground for a well-organized threat actor known as Silver Fox. As Japanese companies enter their annual cycle of tax filing, salary reviews, and personnel...
Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks
2026-03-27 13:57:00
Cybersecurity researchers have disclosed details of a now-patched bug impacting Open VSX's pre-publish scanning pipeline to cause the tool to allow a malicious Microsoft Visual Studio Code (VS Code) extension...
Une étude met en lumière les fuites de données qui ont fait le plus de dégâts en 2025
2026-03-27 13:41:29
En 2025, des milliers de fuites et de violations de données ont été recensées, mais quelques incidents très médiatisés ont été à l'origine d'une majorité des préjudices. Le gestionnaire...
Avec Dynamic Workers, Cloudflare facilite l'exécution des agents IA
2026-03-27 13:35:58
Petit à petit Cloudflare étoffe son portefeuille à destination des développeurs autour des applications IA et notamment pour (...)
Criminals are renting virtual phones to bypass bank security
2026-03-27 13:34:44
Not a real phone, but good enough to fool your bank. Researchers warn criminals are using virtual devices to bypass fraud checks.
Infrastructure Attacks With Physical Consequences Down 25%
2026-03-27 13:30:00
Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers' relative ignorance of OT systems.
SUSE 2026 20828-1 important for kernel RT (Live Patch 3 for SUSE Linux Enterprise 16)
2026-03-27 13:20:46
An update that solves seven vulnerabilities can now be installed.
SUSE 2026 20829-1 important for kernel RT (Live Patch 2 for SUSE Linux Enterprise 16)
2026-03-27 13:20:35
An update that solves eight vulnerabilities can now be installed.
SUSE 2026 20830-1 important for kernel RT (Live Patch 4 for SUSE Linux Enterprise 16)
2026-03-27 13:20:22
An update that solves two vulnerabilities can now be installed.
SUSE 2026 20831-1 important for kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)
2026-03-27 13:20:18
An update that solves nine vulnerabilities can now be installed.
SUSE 2026 20832-1 important for kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)
2026-03-27 13:20:03
An update that solves eight vulnerabilities can now be installed.
SUSE 2026 20833-1 important for nghttp2
2026-03-27 13:19:50
An update that solves one vulnerability can now be installed.
Google Sets 2029 Deadline for Quantum-Safe Cryptography
2026-03-27 13:00:00
The post-quantum future may be coming sooner than you think, as Google plans to have PQC migration in place by 2029.
Google Moves Q-Day Estimate to 2029 – Industry Experts Say the Clock Is Already Ticking
2026-03-27 12:49:59
Google has officially set 2029 as its target date for completing a full migration to post-quantum cryptography (PQC), in what the company describes as a necessary acceleration driven by faster-than-expected...
Hackers Deploy BRUSHWORM and BRUSHLOGGER Against South Asian Financial Firm
2026-03-27 12:34:57
A South Asian financial institution has become the latest target of a focused cyberattack involving two custom-built malware tools — BRUSHWORM, a modular backdoor, and BRUSHLOGGER, a keylogger disguised...
Security As A Service: 7 Ways Coworking Spaces Can Upgrade Digital Trust In 2026
2026-03-27 12:29:51
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 27, 2026 –Read the full story from CANOPY Cybercrime damage was on pace to hit .5 trillion in 2025,...
How to Train Your Healthcare AI Agent: A Compliance-First Guide to Data Sharing
2026-03-27 12:22:29
This guide breaks down how to build HIPAA-compliant AI agents in healthcare, covering BAAs, PHI handling, Safe Harbor de-identification, and FHIR-based data minimization. It explains why agentic AI expands...
European Commission investigating breach after Amazon cloud account hack
2026-03-27 12:22:19
The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to the Commission's Amazon cloud environment. [...]
AitM Phishing Targets TikTok Business Accounts Using Cloudflare Turnstile Evasion
2026-03-27 12:03:00
Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security.
Business accounts associated...
Parker Breaks Under Pressure
2026-03-27 11:30:13
Poirot confronts Parker and exposes his history of blackmail, forcing a partial confession but ultimately believing he is not the murderer. New revelations show Mrs. Ferrars paid huge sums, pointing to...
Les demandes d'aide face aux cybermenaces explosent en France
2026-03-27 11:29:32
Créé il y a près de 10 ans, le groupement d’intérêt public action contre la cybermalveillance (GIP Acyma) apporte (...)
AI Act : un report à 2027 voire 2028 se dessine
2026-03-27 11:07:55
Le Parlement européen propose de décaler à décembre 2027 et août 2028 l'entrée en application du « cœur » de l'AI Act, à savoir les dispositions concernant les systèmes d'IA à haut risque.
The...
Proving Grounds — Practice — Nagoya
2026-03-27 11:03:18
Image from Offsec's practice box NagoyaProving Grounds Practice box Nagoya is rated hard, but the community has rated it as very hard. The rating aside, this box is exceptional practice for Active...
Sumo — Shellshock on a CGI Script and Dirty COW on a 2012 Kernel | OffSec PG
2026-03-27 11:02:54
Sumo is a simple machine that combines two well-known CVEs into one exploit chain. The box is running an ancient Apache 2.2.22 with a CGI script sitting wide open, which makes it vulnerable to Shellshock...
Microsoft Power BI API Credential Exposure: From Public Postman Workspace to Data Exfiltration in…
2026-03-27 11:02:24
Microsoft Power BI API Credential Exposure: From Public Postman Workspace to Data Exfiltration in MinutesYou don't need to hack a government agency when its API credentials are already public.While...
Assessment Methodologies: Vulnerability Assessment CTF-1 — eJPT (INE)
2026-03-27 11:02:13
Assessment Methodologies: Vulnerability Assessment CTF-1 — eJPT (INE)A beginner-friendly eJPT CTF walkthrough focused on vulnerability assessment, web enumeration, and hidden information discoveryHello...
Microsoft Authenticator's Unclaimed Deep Link: A Full Account Takeover Story (CVE-2026–26123)
2026-03-27 11:01:49
When your authentication app becomes the weakest link: How an unclaimed deep link exposed millions of Microsoft accountsThe story of how I got a CVE acknowledgment in Microsoft, the second CVE ever in...
Finding XSS Through HTML Injection — Without Fuzzing Tools
2026-03-27 11:01:10
Note: All sensitive information has been redactedWhen hunting for XSS, most people immediately reach for fuzzing tools. But sometimes, slowing down and simply observing how an application behaves can...
What Is a Checksum? Meaning, Examples & Why You Should Use Them
2026-03-27 11:00:58
A checksum is a calculated value that represents the exact contents of a file or message. If the file changes '' even by a single byte '' the checksum changes as well. That's why it's often described...
The End of “Just Buy an iPhone” as Security Advice
2026-03-27 11:00:22
Photo by Peng Originals on UnsplashCYBERSECURITY · TECHNOLOGY · OPINIONApple built a fortress. Hackers found six doors. A cybersecurity architect breaks down what DarkSword means for the rest of us.We...
We Are At War
2026-03-27 11:00:00
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let's admit it: we are in the middle of it.
Introduction:...
Hackers Use USB Malware, RATs, and Stealers in Espionage Attacks on Southeast Asian Government
2026-03-27 10:57:03
A highly coordinated cyberespionage campaign has been uncovered targeting a government organization in Southeast Asia, with threat actors deploying a mix of USB-propagated malware, remote access trojans...
How NoSQL Database Developers Prevent Hacking Loopholes
2026-03-27 10:56:22
Database security breaches can have devastating consequences for businesses, exposing sensitive data, damaging reputations, and…
How NoSQL Database Developers Prevent Hacking Loopholes on Latest...
Data Horizon Earns a 34 Proof of Usefulness Score by Building Conversational Analytics for GA4
2026-03-27 10:55:08
Data Horizon is a seed-stage conversational analytics tool designed to simplify Google Analytics 4. By combining AI with Google's APIs, it enables marketers and agencies to access insights through natural...
Bogus Avast website fakes virus scan, installs Venom Stealer instead
2026-03-27 10:49:31
A fake Avast scan tells you your PC is infected, then installs the malware that steals passwords, session data and crypto wallets.
Rivver Accountant Earns a 51 Proof of Usefulness Score by Building an AI-Driven Personal Wealth Management Tool
2026-03-27 10:40:47
Rivver Accountant is an AI-powered personal finance platform designed for the Caribbean, where open banking tools are limited. By aggregating financial data and delivering intelligent insights via Google...
Anti-piracy coalition takes down AnimePlay app with 5 million users
2026-03-27 10:40:17
The Alliance for Creativity and Entertainment (ACE) announced the shutdown of AnimePlay, a major anime streaming platform with over 5 million users. [...]
En assouplissant l'IA Act, le Parlement européen perturbe l'agenda des DSI
2026-03-27 10:34:27
Réunis à Strasbourg, les députés européens ont voté hier le report de plusieurs dispositions de l’IA Act. (...)
Hackers Use Phishing ZIP Files to Deploy PXA Stealer Against Financial Firms
2026-03-27 10:34:18
A new wave of cyberattacks is putting financial institutions on high alert, as threat actors ramp up the use of PXA Stealer — a powerful information-stealing malware — against organizations worldwide....
ACHLS Eternal Earns a 12 Proof of Usefulness Score by Building an Automated Materials Science and Medical Lab Complex
2026-03-27 10:32:20
ACHLS Eternal is an AI-powered automated lab system designed to transform scientific research using grounded data and hallucination-free models. Combining materials science, medical simulations, and a...
PvNP Earns a 21 Proof of Usefulness Score by Building an Interactive TSP Solver and Visualizer
2026-03-27 10:19:12
PvNP is an early-stage educational tool that visualizes the Traveling Salesperson Problem through interactive animations. Designed for students and universities, it makes complex combinatorial optimization...
Telnyx PyPI Package With 742,000 downloads Compromised in TeamPCP Supply Chain Attack
2026-03-27 10:18:14
The official Telnyx Python SDK on PyPI was compromised this morning as part of an escalating, weeks-long supply chain campaign orchestrated by the threat actor group TeamPCP. Malicious versions 4.87.1...
U.S. CISA adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog
2026-03-27 10:14:48
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an Aquasecurity Trivy flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency...
RecallNote Earns a 37 Proof of Usefulness Score by Building AI-Summarized Notes and Spaced Repetition Notifications
2026-03-27 10:05:29
RecallNote is an AI-powered EdTech tool that transforms study notes into personalized summaries and flashcards using Google's LearnLM. Built around spaced repetition, it helps students retain more information...
Bearlyfy Hits Russian Firms with Custom GenieLocker Ransomware
2026-03-27 10:04:00
A pro-Ukrainian group called Bearlyfy has been attributed to more than 70 cyber attacks targeting Russian companies since it first surfaced in the threat landscape in January 2025, with recent attacks...
Shugert Earns a 392 Proof of Usefulness Score by Building Expert E-commerce Solutions
2026-03-27 09:35:34
Shugert is a Shopify Select Partner agency helping 600+ e-commerce brands grow through custom development, SEO, and AI-driven analytics. With 1,200+ completed projects, flexible pricing, and a focus on...
Red Hat Warns of Malware Code Embedded in Popular Linux Tool Allow Unauthorized Access to Systems
2026-03-27 09:30:27
Red Hat has issued a critical security warning regarding malicious code discovered in recent versions of the “xz” compression tools and libraries. Tracked as CVE-2024-3094, this highly sophisticated...
Windows 11 KB5079391 update rolls out Smart App Control improvements
2026-03-27 09:20:59
Microsoft has released the KB5079391 preview cumulative update for Windows 11 24H2 and 25H2, which includes 29 changes, such as Smart App Control and Display improvements. [...]
USN-8098-9: Linux kernel (IBM) vulnerabilities
2026-03-27 08:51:44
Qualys discovered that several vulnerabilities existed in the AppArmor
Linux kernel Security Module (LSM). An unprivileged local attacker could
use these issues to load, replace, and remove arbitrary...
GenAI : les DSI temporisent pour éviter les risques
2026-03-27 08:39:16
« Aujourd'hui, il n'est pas possible d'éviter le sujet de l'IA générative », constate Lionel Chaine, DSI Bpifrance. A (...)
Critical Citrix NetScaler and Gateway Vulnerabilities Let Remote Attackers Leak Sensitive Information
2026-03-27 08:26:09
Cloud Software Group has issued a critical security bulletin detailing two newly discovered vulnerabilities affecting customer-managed NetScaler ADC and NetScaler Gateway appliances. These flaws, tracked...
Dutch Police discloses security breach after phishing attack
2026-03-27 08:20:11
The Dutch National Police (Politie) says a security breach resulting from a successful phishing attack has had a limited impact and hasn't affected citizens' data. [...]
LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks
2026-03-27 08:07:00
Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation...
Fake Cloudflare CAPTCHA Pages Spread Infiniti Stealer Malware on macOS Systems
2026-03-27 07:50:00
A new macOS malware that was undocumented previously, is quietly tricking users through fake Cloudflare human verification pages. Called Infiniti Stealer, this threat uses a well-known social engineering...
New Windows Error Reporting Vulnerability Lets Attackers Escalate to Gain SYSTEM Access
2026-03-27 07:14:48
A newly analyzed local privilege escalation vulnerability in the Windows Error Reporting (WER) service allows attackers to easily gain full SYSTEM access. The flaw, tracked as CVE-2026-20817, was considered...
China-linked Red Menshen APT deploys stealthy BPFDoor implants in telecom networks
2026-03-27 06:16:10
China-linked Red Menshen APT group used stealthy BPFDoor implants in telecom networks to spy on government targets. Rapid7 Labs uncovered a China-linked threat group known as Red Menshen has been running...
DarkSword iOS Exploit Chain
2026-03-27 03:54:34
What is the Attack?
Researchers from Google Threat Intelligence Group identified DarkSword, a sophisticated full-chain iOS exploit framework actively...
BreachForums Version 5 - 339,778 breached accounts
2026-03-27 02:19:23
In March 2026, a breach of one of the many iterations of the BreachForums hacking forum known as "Version 5" was publicly disclosed. The incident exposed 340k unique email addresses along with usernames...
New Ghost Campaign Uses Fake npm Progress Bars to Phish Sudo Passwords
2026-03-27 00:17:46
ReversingLabs researchers identify a new Ghost campaign using fake npm install logs and progress bars to phish for sudo passwords and steal crypto wallets from developers.
Multiples vulnérabilités dans les produits NetApp (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans les produits NetApp. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité...
Multiples vulnérabilités dans les produits Siemens (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans les produits Siemens. Elles permettent à un attaquant de provoquer un déni de service à distance.
Multiples vulnérabilités dans Spring AI (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans Spring AI. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une falsification de...
Multiples vulnérabilités dans Traefik (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans Traefik. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Multiples vulnérabilités dans Zabbix (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans Zabbix. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité...
Vulnérabilité dans les produits Microsoft (27 mars 2026)
27/03/2026
Une vulnérabilité a été découverte dans les produits Microsoft. Elle permet à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Multiples vulnérabilités dans le noyau Linux de SUSE (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une atteinte à la...
Multiples vulnérabilités dans le noyau Linux de Red Hat (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation...
Multiples vulnérabilités dans le noyau Linux d'Ubuntu (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, une élévation de...
Multiples vulnérabilités dans les produits IBM (27 mars 2026)
27/03/2026
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité...