Toute l'actualité de la Cybersécurité
Could your choice of metrics be harming your SOC?
2026-04-27 12:00:00
Poor metrics can render a well-intentioned security operation centre entirely ineffective.
ClickFix Attack Replaces PowerShell With Cmdkey and Remote Regsvr32 Payload Delivery
2026-04-27 11:18:44
A new and more capable version of the ClickFix attack has been spotted in the wild, and it works a little differently from what security teams have seen before. Instead of relying on PowerShell, attackers...
Entre Amazon et Google, Anthropic ménage la chèvre et le chou
2026-04-27 11:10:05
Amazon et Google montent d'un cran dans leur engagement à financer Anthropic, qui crée une forme d'équilibre dans ses accords avec eux.
The post Entre Amazon et Google, Anthropic ménage la chèvre...
Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting
2026-04-27 10:49:04
CVE-2026-6770 let attackers fingerprint Firefox and Tor users, even in Private mode. Firefox 150 and Tor Browser 15.0.10 fixed it. A vulnerability, tracked as CVE-2026-6770, allowed attackers to fingerprint...
Cloud de confiance : SAP embarque sur S3NS
2026-04-27 10:41:13
L'éditeur allemand va déployer SAP RISE Private Cloud Edition sur la plateforme PREMI3NS de S3NS, avec Thales comme premier client stratégique.
The post Cloud de confiance : SAP embarque sur S3NS appeared...
Microsoft Outlook.com Issue Blocks Users From Accessing Emails
2026-04-27 10:33:56
Microsoft has acknowledged a service degradation affecting Outlook.com, with users reporting difficulties accessing the platform as of Monday, April 27, 2026. The company’s official Microsoft 365...
Vidar Infostealer Spreads via Fake CAPTCHAs, Hides in JPEG and TXT Files
2026-04-27 10:13:22
New version of Vidar infostealer spreads via fake CAPTCHAs, hides in JPEG and TXT files, uses fileless attacks and steals browser, crypto wallet data.
Microsoft Officially Shares Group Policy to Remove Windows 11 Copilot from Enterprise Devices
2026-04-27 10:09:05
Microsoft has officially released a new Group Policy setting that allows IT administrators to silently uninstall the Microsoft Copilot app from managed Windows 11 devices, a move that signals a broader...
The Hidden Costs of AI Agents: Why Local vs Cloud Decisions Matter More Than Models
2026-04-27 09:57:22
AI agents look simple but are not. A single request often triggers multiple hidden steps like planning, retries, and validation, which increases cost and latency. Most failures are not due to weak models,...
Why AI Agents Need Self-Updating Data Infrastructure to Stay Intelligent
2026-04-27 09:19:52
AI agents need continuously regenerating data pipelines to stay accurate and responsive. Real-time data, automation, and scalable infrastructure ensure AI systems can adapt, learn, and make better decisions...
Why Is LinkedIn Scanning My Browser?
2026-04-27 09:07:09
LinkedIn confirmed it scans your browser for 6,236 extensions on every page load. The security explanation is coherent. The composition of the list isn't.
Microsoft Store App Vibing.exe Allegedly Harvested Screens, Audio, and Clipboard Content
2026-04-27 09:02:46
A suspicious executable named Vibing.exe on the Microsoft Store has sparked major privacy and security alarms among cybersecurity researchers. Marketed as an interface to the “AI-native world”...
How to Improve Code Quality: 5 Proven AI Tools for Enterprises
2026-04-27 09:00:45
AI accelerates code generation, but production reliability depends on context. Predictive software quality platforms unify coding, testing, PR review, and debugging into continuous feedback loops. Enterprises...
Meet the Writer: Hacker Noon's Contributor Yogurt Chiang, Imaging Systems Engineer
2026-04-27 08:51:39
From IR camera design to stock futures to a 340km Mazu pilgrimage — inside the mind of an imaging engineer who sees every system as worth understanding.
Fast16: Pre-Stuxnet malware that targeted precision engineering software
2026-04-27 08:48:44
Fast16 is a pre-Stuxnet malware that tampered with precision software and spread itself. Evidence suggests links to U.S. operations during early cyber tensions. SentinelOne uncovered Fast16, a sabotage...
Vidar Malware Hides Second-Stage Payloads in JPEG and TXT Files to Evade Detection
2026-04-27 08:42:21
Vidar, one of the most active information-stealing malware families, has taken on a new shape in 2026. Researchers have found that its latest version now conceals second-stage payloads inside JPEG image...
Attackers Can Backdoor CODESYS Applications by Chaining Vulnerabilities
2026-04-27 08:40:08
Multiple vulnerabilities in the CODESYS Control runtime, one of the world’s most widely adopted software-based programmable logic controller (Soft PLC) platforms. According to Nozomi Networks Labs...
Top 10 Best NDR (Network Detection and Response) Solutions in 2026
2026-04-27 08:28:15
In the modern enterprise, the network is the ultimate source of ground truth. As organizations accelerate their digital transformation and adopt complex, cloud-native security architectures, the traditional...
‘fast16' Malware with Sabotage Capabilities Attacking Ultra Expensive Targets
2026-04-27 08:04:25
The fast16 malware is a recently exposed sabotage‑capable threat designed to target extremely high‑value environments and ultra‑expensive systems with precision. It does not behave like common commodity...
Italy moves to extradite Chinese national to the U.S. over hacking charges
2026-04-27 08:00:06
Italy plans to extradite Xu Zewei to the U.S. over alleged hacks on COVID-19 research tied to state-backed operations. Italy is moving to extradite Xu Zewei, the Chinese national arrested in 2025 at the...
ADT - 5,488,888 breached accounts
2026-04-27 07:36:42
In April 2026, home security firm ADT confirmed a data breach by ShinyHunters, which listed the company on its website as part of a "pay or leak" extortion attempt. The breach impacted 5.5M unique email...
A week in security (April 20 – April 26)
2026-04-27 07:02:00
A list of topics we covered in the week of April 20 to April 26 of 2026
U.S. utility giant Itron discloses a security breach
2026-04-27 06:54:09
Itron detected unauthorized access to part of its IT environment on April 13, 2026, and launched incident response and notified authorities. Itron disclosed a cyber incident involving unauthorized access...
Fake CAPTCHA IRSF Scam and 120 Keitaro Campaigns Drive Global SMS, Crypto Fraud
2026-04-27 06:33:00
Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that...
Kling Video v3 Turns Static Images Into Native 4K Video
2026-04-27 05:36:20
Kling Video v3 turns static images into native 4K videos, helping creators produce cinematic motion without post-production upscaling.
Qwen3.6 35B Gets Claude Opus Reasoning Distillation
2026-04-27 05:33:41
Explore a Qwen3.6-35B-A3B GGUF model distilled from Claude Opus reasoning data for local structured problem-solving.
How to Build Passwordless Sign-In in Flutter With Firebase — Part 1
2026-04-27 05:04:30
Learn how to build passwordless email link sign-in in Flutter using Firebase, BLoC, GoRouter, secure storage, and magic links.
The Quiet Signal — Hunt Forward Lab #001: C2 Beaconing Detection
2026-04-27 05:02:23
🔬 Lab Difficulty: Beginner — Estimated Time: 60–90 minutes🗂️ MITRE ATT&CK: T1071.001 — Application Layer Protocol: Web ProtocolsWhat is Hunt Forward ?Elastic SIEM Access request — https://hunt-forward.comImage...
From LinkedIn to Root Access: How a Phone Number, an Old Password Dump, and a Cache Poisoning Bug…
2026-04-27 05:02:06
Free Link 🎈Continue reading on InfoSec Write-ups »
Anthropic's Claude Code Problem Shows How Fragile AI Moats Really Are
2026-04-27 05:00:43
It's been a rough few months for Anthropic....
Build a Financial AI Copilot That Tests Stock Theses
2026-04-27 04:58:21
Learn how to build a financial AI copilot that tests stock theses using EODHD's MCP server, price data, fundamentals, and structured evidence.
Can GitHub Activity Predict the Next Startup Fundraise?
2026-04-27 04:55:17
Six months of GitHub data across 4,200 startup orgs. Engineering acceleration predicts Series A rounds 70% of the time, 3-6 weeks ahead of public sources.
Building a Budget Robot Arm With Semi-SCARA Kinematics
2026-04-27 04:52:58
This robotics build shows how smart mechanical design helped cut a 6DOF manipulator's cost without relying on expensive actuators.
“Bug Bounty Bootcamp #36: SSRF Hands-On — Confirming the Server Makes the Request and Reading Local…
2026-04-27 04:37:52
You think you found an SSRF. But how do you prove the request came from the server and not your browser? And once confirmed, how do you…Continue reading on InfoSec Write-ups »
When Email Speaks to Machines
2026-04-27 04:37:45
Prompt injection is becoming the new phishing — and the target is no longer you. It is the AI that reads your inbox on your behalf.Anything your agent reads, anyone can write to.More and more...
pentest-ai-agents – 28 Claude Code Subagents for Penetration Testing
2026-04-27 04:35:47
A new open-source toolkit called pentest-ai-agents is redefining how security professionals leverage AI in penetration testing workflows, transforming Anthropic’s Claude Code into a fully specialized...
Nessus Agent Vulnerability on Windows Enables Arbitrary Code Execution with SYSTEM Privileges
2026-04-27 03:37:07
A newly disclosed security vulnerability in Tenable’s Nessus Agent for Windows could allow attackers to execute malicious code with the highest level of system privileges, raising serious concerns...