All the Cybersecurity News
SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection
2026-06-16 20:11:48
FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in Honduras, Taiwan, Thailand, and Pakistan.
New Rokarolla Android malware targets 217 banking, crypto apps
2026-06-16 20:04:11
A new Android banking trojan named Rokarolla is targeting 217 banking and cryptocurrency applications using an extensive set of 137 commands. [...]
iRhythm Hit by Cyberattack, Patient Data Stolen and Ransom Demanded
2026-06-16 19:19:54
iRhythm disclosed a cyberattack via third-party apps where patient and proprietary data was stolen, followed by a ransom demand. iRhythm Technologies is a U.S.-based digital healthcare company specializing...
Google Vertex AI SDK Flaw Let Attackers Hijack Model Uploads via Bucket Squatting
2026-06-16 19:05:41
A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and run code inside Google's serving infrastructure.
Palo...
Steam Workshop abused to spread malware via Wallpaper Engine app
2026-06-16 18:27:55
Threat actors are abusing Steam Workshop, Valve's community hub for downloading game-related content, to push various malware hidden in wallpaper packages. [...]
ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures
2026-06-16 17:41:28
Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec,...
Rokarolla Android Trojan Levels Up to Full Device Control, Persistence
2026-06-16 17:32:32
The emerging malware, spread via fake TikTok and Chrome downloads, demonstrates an evolution by combining banking fraud with extensive device surveillance and remote control.
Debian Asterisk Important Buffer Overflows and Fixes DLA-4631-1
2026-06-16 17:09:09
Several issues have been found in asterisk, an Open Source Private Branch Exchange (PBX). They are related to buffer under- or overflows, either on heap or on stack. Some are related to use-after-free...
DGSI selects Chapsvision to succeed Palantir
2026-06-16 16:55:12
Companies and public organizations are taking action to regain control of their digital independence. Latest example (...)
The Half-Life of Threat Intelligence: When Does an IOC Stop Being Useful?
2026-06-16 16:42:31
The concept of the IOC — the Indicator of Compromise — sits at the operational heart of modern threat detection. Block the IP. Flag the domain. Quarantine the hash. The logic is clean and satisfying....
Critical Fortinet FortiSandbox Vulnerabilities Actively Exploited in Attacks
2026-06-16 16:40:16
Threat actors are actively exploiting multiple critical vulnerabilities in Fortinet’s FortiSandbox platform, with live attack telemetry confirming exploitation attempts over the past 24 hours. Defused...
SUSE OpenSSL-1_1 Important Buffer Overflow DoS Vuln 2026-2403-1
2026-06-16 16:31:22
An update that solves five vulnerabilities can now be installed.
openSUSE Important openssl-1_1 Security Update Advisory 2026-2404-1
2026-06-16 16:31:11
An update that solves five vulnerabilities can now be installed.
openSUSE 15.5 OpenSSL Important Security Update 2026-2405-1
2026-06-16 16:31:01
An update that solves five vulnerabilities can now be installed.
SUSE qemu Important Heap Overflow Denial of Service Vuln 2026-2406-1
2026-06-16 16:30:50
An update that solves three vulnerabilities can now be installed.
Amos Stealer Targets macOS Keychain Files and Browser Passwords
2026-06-16 16:27:00
Amos Stealer targets macOS users through fake downloads, stealing Keychain files, browser passwords, cookies, and developer configs for data theft.
Ubuntu 26.04 rabbitmq-c Critical Buffer Overflow and DoS Issues 8437-1
2026-06-16 16:18:04
Several security issues were fixed in rabbitmq-c.
Ubuntu Squid Important DoS Buffer Overflow Vulnerabilities USN-8435-1
2026-06-16 16:16:46
Several security issues were fixed in Squid.
Ubuntu CA Certificates Important Update Advisory USN-8436-1
2026-06-16 16:16:44
The CA certificates in the ca-certificates package were updated.
Aembit Extends IAM for Agentic AI to Microsoft Copilot Studio
2026-06-16 15:00:15
Las Vegas, USA / Nevada, 16th June 2026, CyberNewswire
Zero Trust Doesn't Fully Solve the Agentic AI Problem
2026-06-16 15:56:06
Zero Trust security was designed around identities accessing resources. Agentic AI introduces a different challenge: autonomous systems that reason, plan, and execute actions with real-world consequences....
Why the Next Programming Paradigm Has to Be Visual
2026-06-16 15:49:38
- AI not only revolutionized software development – it brought significant new problems with it.
- A flood of unreviewed PRs and AI breaking down on complex requirements are among the most pressing.
-...
China National AI Grid Targets 80% Domestic Tech Amid Compute Chokepoints
2026-06-16 15:44:06
From China's 2T yuan data-center grid to Nvidia's export-control workaround: who controls AI's industrialization layer is now the defining geopolitical contest.
Let AI Models Fight Over Your Architecture
2026-06-16 15:40:35
Asking a single AI to design your system is a mistake. Single prompts yield generic, happy-path answers. Instead, developers should build multi-agent workflows where specialized AIs—like an Architect,...
openSUSE Tumbleweed python311-zeroconf Moderate Threat Fix 2026-11036-1
2026-06-16 15:36:09
An update that solves one vulnerability can now be installed.
openSUSE Tumbleweed perl-Crypt-PBKDF2 Moderate Security Update 2026-11034-1
2026-06-16 15:36:09
An update that solves 3 vulnerabilities can now be installed.
openSUSE Tumbleweed python311-aiosmtplib Moderate CVE-2026-53533 Update
2026-06-16 15:36:09
An update that solves one vulnerability can now be installed.
openSUSE Tumbleweed google-osconfig-agent Moderate DoS Issue 2026-11032-1
2026-06-16 15:36:09
An update that solves one vulnerability can now be installed.
Suffering From Marketing Paralysis? Everyone Is Right Now, Here's The Way Out
2026-06-16 15:35:34
Open-ended AI development cycles open competitive space as marketers contend with the lack of traditional SaaS launch sequences and evolving go to market strategy. A cohort-based process aligns with AI...
Building a Read-Only AI Agent for Storage Incident Response
2026-06-16 15:35:15
Agentic AI can be useful in cloud storage operations, but its first production role should be read-only investigation rather than auto-remediation. This article argues for giving AI agents access to metrics,...
Meet the Writer: Hacker Noon's Contributor Rumiza Shakeel Shaikh, AI Product Manager
2026-06-16 15:30:22
From building deterministic multi-agent factories to analyzing why the lines between founders and PMs are disappearing, AI Product Manager, Rumiza Shakeel Shaikh steps away from the terminal to talk building,...
Claude Fable and Mythos disabled: why Washington has just reignited the global AI war
2026-06-16 15:27:09
After presenting its new model as a secured version of an AI deemed too sensitive to be opened to the public, Anthropic finds itself facing a radical decision. A...
7 Ways Real-Time Resource Management is Helping Construction Firms to Fight Back Project Overruns
2026-06-16 15:25:21
In today's market, it is very common for construction projects to exceed their original budget and timescale.
Why Every SaaS Company Will Need an AI Memory Layer Within the Next Five Years
2026-06-16 15:24:37
The next generation of SaaS products will feel less like tools and more like institutional collaborators. They will remember past decisions, understand team dynamics, and adapt to evolving business contexts....
'Lorem Ipsum' Malware Pivots to ClickFix Delivery
2026-06-16 15:10:48
New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and data extortion group Vice Society.
Hands-Off Coding on GCP: Building Autonomous Agents with Guardrails
2026-06-16 15:09:59
This article outlines an architecture for autonomous background coding agents built on Google Cloud Platform. Rather than focusing on prompting alone, it frames AI coding as an orchestration and infrastructure...
How I Built a Pipeline to Restore Old B&W Photos to 4K Color Using Open-Source AI
2026-06-16 14:59:59
I tested 8 different open-source AI upscalers and restoration tools to find the best pipeline for converting old black-and-white film footage into 4K colorized images for a YouTube history channel. After...
India Temporarily Bans Telegram Messenger Over Medical Exam Fraud
2026-06-16 14:49:36
India’s Ministry of Electronics and Information Technology (MeitY) has imposed a temporary ban on the Telegram messaging platform, restricting access nationwide until June 22, 2026. This decision...
USN-8437-1: rabbitmq-c vulnerabilities
2026-06-16 14:48:17
It was discovered that rabbitmq-c exposed credentials in command-line
arguments under certain circumstances. A local attacker could possibly use
this issue to obtain sensitive information. This issue...
UK to require ID or face scan before you can make social media accounts
2026-06-16 14:38:49
Opening a new social media account in the UK will soon mean proving you're over 16 with an ID upload or a facial age scan, under a government ban on under-16s taking effect in spring 2027. Security experts...
Managing Multiple Social Media Accounts is a Mess. Here is What Fixes it
2026-06-16 14:37:09
Managing multiple social media accounts is complicated — verifications, location mismatches, wrong-country research. The workarounds never really help.
Multilogin makes it simple. Everything in one...
Fortinet Warned as Three Critical FortiSandbox Bugs Come Under Attack
2026-06-16 14:21:11
Three FortiSandbox flaws, including one patched last week, are being actively exploited, highlighting the shrinking window for defenders. Cybersecurity firm Defused Cyber confirmed it’s seen active...
Microsoft 365 Device Code Phishing Campaign Bypasses Password Theft With Legitimate Login Flow
2026-06-16 14:19:18
A new phishing campaign targeting Microsoft 365 users has been uncovered, and it takes a different approach than most attacks seen in the wild. Instead of trying to steal a victim’s password directly,...
GhostTree Attack Abused Recursive Windows Junctions to Hide Malware
2026-06-16 14:17:27
GhostTree uses recursive NTFS junctions to generate vast numbers of valid Windows file paths. Varonis explains how the technique could cause Microsoft Defender folder scans to never complete, leaving...
AppViewX Launches Agent Identity Security to Govern Agents for the AI and Quantum Era
2026-06-16 13:00:15
New York, United States of America, 16th June 2026, CyberNewswire
Open source is no longer "free by default": it is becoming a strategic and responsible choice
2026-06-16 14:02:45
{ Expert Op-Ed } - Using an open source model now means understanding its training, precisely documenting its use, and ensuring its compliance with regulatory requirements...
Hackers Weaponize Microsoft Teams Relay to Hide Ransomware Traffic
2026-06-16 13:59:55
Hackers are increasingly abusing trusted cloud services to evade detection, and a newly uncovered campaign demonstrates how Microsoft Teams infrastructure can be weaponized to hide malicious traffic....
Developer laptops are the credential store attackers are picking through in 2026, GitGuardian announces Endpoint Protection
2026-06-16 12:00:30
New York, New York, 16th June 2026, CyberNewswire
USN-8433-1: OpenStack Keystone vulnerabilities
2026-06-16 13:45:21
It was discovered that OpenStack Keystone allowed restricted application
credentials to create EC2 credentials. An authenticated attacker with only
a reader role could possibly use this issue to bypass...
FTC warns of record .5 billion losses to imposter scams in 2025
2026-06-16 13:42:19
The U.S. Federal Trade Commission (FTC) warned that Americans lost .5 billion to imposter scams in 2025, with reported losses nearly tripling since 2020. [...]
New Rokarolla Android Malware Steals PINs, SMS Codes, and Crypto Wallet Funds
2026-06-16 13:10:17
Security researchers at Zimperium's zLabs have documented a new Android banking trojan, Rokarolla, that targets 217 banking and cryptocurrency apps and packs 137 remote commands.
Together,...
Agentic AppSec: closing the remediation gap and automating application security
2026-06-16 13:00:05
Application security has spent a decade getting brilliant at half of its job. This is about automating the other half – starting with the fix, and not stopping there.
“Free World Cup stream” sites are serving scams, not football
2026-06-16 13:00:00
We found dozens of fake World Cup streaming sites using football as bait to funnel visitors through a malicious advertising network.
New Rokarolla Android Trojan Found Targeting 217 Crypto and Banking Apps
2026-06-16 13:00:00
Zimperium researchers discover a new mobile Trojan that hijacks clipboards, blocks bank calls, and takes complete control of Android devices.
Cardiac patients’ medical data stolen and held to ransom
2026-06-16 12:49:01
Cardiac monitoring provider iRhythm has been hit by a data theft followed by an extortion attempt.
SpaceX swallows Cursor for $60 billion
2026-06-16 12:30:39
SpaceX acquires Cursor for $60 billion, a few days after its record IPO at more than $2 trillion.
Data of 550,000 French people stolen from a government site
2026-06-16 12:30:00
The JeVeuxAider.gouv.fr platform, which connects volunteers and associations, was the victim of a cyberattack. The government suspended the service, but the damage was done: data...
VMware, a real dependency issue in the public sector
2026-06-16 12:20:17
The hearings of the parliamentary commission of inquiry into digital dependencies highlighted VMware's footprint in the public sector... and the exit strategies undertaken by...
Virtual Or Full-Time CISO: ROI Calculator On Security Leadership
2026-06-16 12:19:33
This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Jun. 16, 2026 – Read the full story from LinkedIn The 2026 CISO Report by Cybersecurity Ventures, published...
Interlock and Rhysida Ransomware Operations Share Supper Backdoor and Malware Codebase
2026-06-16 12:19:29
Two of the more active ransomware groups operating today, Interlock and Rhysida, have more in common than previously thought. New research shows both groups share a backdoor called Supper, and that several...
100 cybersecurity experts protest against the suspension of Claude Fable 5 and Mythos 5
2026-06-16 12:14:22
About a hundred cybersecurity experts are protesting the ban on the two latest Claude models deployed by Anthropic. In an open letter, they argue that the United States is shooting itself...
Novo Nordisk Confirms Cyber Attack — Hackers Accessed Patient Medical Data and Internal AI Assets
2026-06-16 11:54:25
Danish pharmaceutical giant Novo Nordisk has confirmed a cyberattack in which threat actors gained unauthorized access to internal IT systems, exfiltrating pseudonymized patient data from clinical trials...
DGSI chooses France's ChapsVision and turns its back on Palantir
2026-06-16 11:43:26
ChapsVision's solution will replace Palantir within the domestic security intelligence services (DGSI).
Survey: 94% of Incidents Involve Anonymized Infrastructure. Teams Are Still Reactive
2026-06-16 11:30:00
Security teams have never had more IP data at their disposal. Every day, analysts ingest enrichment feeds, geolocation data, reputation scores, telemetry, and threat intelligence from a growing ecosystem...
A patched flaw in Langflow is still being exploited
2026-06-16 11:17:28
Companies using the open source AI development platform Langflow are urged to patch without delay (...)
CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation
2026-06-16 10:53:08
Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being actively exploited. Cisco confirmed active exploitation of CVE-2026-20262, an arbitrary...
Best of Android Fax Apps: Top 5 Secure Picks for 2026
2026-06-16 10:49:59
Discover the best of Android fax apps to send and receive secure documents on the go. Compare Municorn Fax App, Fax.Plus, and other top Android tools.
CISA warns of another cPanel plugin flaw exploited in attacks
2026-06-16 10:47:59
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. government agencies three days to secure their servers against an actively exploited vulnerability (CVE-2026-54420) in the...
Deepfake posting sites depicting famous women taken down by feds
2026-06-16 10:31:16
Thanks to Uncle Sam, anyone trying to find nonconsensual intimate deepfakes on CFake.com and SOCFake.com will be disappointed.
Attackers Exploit Three Fortinet FortiSandbox Flaws, One Patched Last Week
2026-06-16 10:30:41
Bad actors are exploiting multiple security vulnerabilities in Fortinet FortiSandbox, according to threat intelligence firm Defused Cyber.
In a post shared on X, the company said it has observed exploitation...
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
2026-06-16 10:18:48
DragonForce ransomware used a custom malware named 'Backdoor.Turn' to hide command-and-control traffic inside Microsoft Teams relay infrastructure. [...]
Pickle in the Middle – Hijacking Vertex AI Model Uploads for Cross-Tenant RCE
2026-06-16 10:00:29
Unit 42 discovered a Vertex AI Python SDK vulnerability that allows remote code execution via bucket squatting. Read the article for more.
Open Publishing, Commercial Scale
2026-06-16 10:00:03
This is not just a Maven Central story.
GreatXML exploit bypassing BitLocker disputed
2026-06-16 09:55:29
Last week, a researcher who has been publishing critical Windows flaws for several months unveiled an exploit supposed to (...)
China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth
2026-06-16 09:44:34
Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS.
"The Windows variants discovered are internally...
New Microsoft 365 Copilot flaw: how attackers can plunder your data in a "single click"
2026-06-16 09:44:00
A critical flaw has been uncovered in the workings of Microsoft 365 Copilot Enterprise. By tricking the AI assistant, an attacker can steal emails, authentication codes and confidential files...
Critical Fortinet FortiSandbox flaws now exploited in attacks
2026-06-16 09:19:51
Attackers are now exploiting several critical vulnerabilities in Fortinet's FortiSandbox cyber threat detection platform, according to threat intelligence company Defused. [...]
Dozens of malicious wallpapers found on Steam Workshop: gamers' accounts at risk
2026-06-16 09:00:11
Since late 2025, malware has been spreading rapidly through the Steam Workshop, the gaming platform's built-in service for players to create and share custom content. The attackers are primarily targeting...
Windows version of SprySOCKS Linux malware used to attack govt orgs
2026-06-16 09:00:00
Windows variants for the SprySOCKS Linux malware have been used in attacks targeting government organizations in at least four countries. [...]
Reverse Shell Explained: Setup, Attack Chain, and Detection
2026-06-16 08:54:29
A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter inbound traffic. This guide walks through how attackers set one up, what they...
U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog
2026-06-16 08:53:24
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure...
Arcep presents its "field figures" on the energy footprint of LLMs
2026-06-16 08:47:22
A test on the Jean Zay supercomputer quantifies the impact of various LLM characteristics (size, architecture, compression...) on their power consumption at inference.
USN-8432-1: FreeRDP vulnerabilities
2026-06-16 08:41:44
It was discovered that FreeRDP incorrectly handled memory under certain
circumstances, which could lead to an out-of-bounds heap write. An
attacker could possibly use this issue to cause a denial of service...
Fake Microsoft Alerts Used to Deploy North Korean NarwhalRAT Malware
2026-06-16 08:14:55
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver malware...
World Cup 2026: Zimperium warns of three mobile phishing campaigns exploiting fans' fervor
2026-06-16 07:37:54
As the 2026 FIFA World Cup has just kicked off, zLabs, Zimperium's research team, highlights the resurgence of mobile phishing campaigns exploiting the enthusiasm...
China-linked actor spent two years inside medical research networks
2026-06-16 07:32:17
China’s UNC6508 hid in North American medical research networks for 2 years, stealing credentials and forwarding emails to Gmail. Google’s Threat Intelligence Group published a report this...
USN-8349-3: rsync regression
2026-06-16 07:31:50
USN-8349-1 fixed vulnerabilities in rsync. Unfortunately that update introduced multiple
regressions in rsync functionality. This update fixes the problem.
We apologize for the inconvenience.
Original...
Host & Network Penetration Testing: Network-Based Attacks CTF 1 — eJPT (INE)
2026-06-16 06:53:44
A beginner-friendly Wireshark PCAP analysis walkthrough — identifying a malware infection through network traffic. Hello everyone! 👋 In this blog, I'll walk through the Network-Based Attacks...
The Intelligent Shield. OpenCTI
2026-06-16 06:53:22
Beyond Ingestion Subtitle: Deploying AI-Driven Enrichment in OpenCTI Transforming Threat Data into High-Confidence Intelligence In an era of relentless and complex cyber attacks, traditional, manual threat...
The Art of Taking Notes
2026-06-16 06:53:03
How To Effectively Take Notes That Not Only Boost Your Memory But Also Make Others Worth Reading. Whether you are in any technical, non-technical, financial, or medical field, you must have taken notes,...
Mastery Hunt: Hidden API Endpoints — A Deep Dive into API Bug Bounty Recon & Exploitation
2026-06-16 06:52:31
API security testing is the crown jewel of modern bug bounty hunting. While front-end vulnerabilities still exist, APIs are where the real treasure lies — sensitive data, privileged operations,...
CAT Reloaded CTF — CATF 2025 — DFIR Challenges
2026-06-16 06:52:23
CAT Reloaded CTF — CATF 2025 – DFIR Challenges. Happy to share with you my writeup for solving 4 DFIR challenges out of 5 (last chall has 0 solves 💀) in CAT Reloaded CTF — CATF 2025. You can...
IEEE Victoris 4.0 — CTF 2025 — Finals DFIR Challenges
2026-06-16 06:52:10
IEEE Victoris 4.0 — CTF 2025 — Finals DFIR Challenges. Hi, I'm glad to share with you my writeup for solving 3/4 DFIR challenges in IEEE (Mansoura Student Branch) VICTORIS 4.0, Authored by EGCERT. You...
The Crime Blue Team Lab (CyberDefenders)
2026-06-16 06:52:03
The Crime | Blue team challenge. You can read this writeup on my GitBook account Link. Scenario: We're currently in the midst of a murder investigation, and we've obtained the victim's phone as a key...
Bug Bounty Bootcamp #45: Token?
2026-06-16 06:50:03
You found a password reset that leaks the magic token in the API response. Or worse — the devs left an endpoint that just gives you…
TryHackMe — Checkmate | Full Walkthrough
2026-06-16 06:49:16
Platform: TryHackMe Room: Checkmate Difficulty: Easy Category: Password Attacks / OSINT / Privilege Escalation Author: Shikhali Jamalzade GitHub: github.com/alisalive LinkedIn: linkedin.com/in/camalzads Overview: Checkmate...
TryHackMe — Break Out The Cage | Full Write-Up
2026-06-16 06:49:10
Platform: TryHackMe Room: Break Out The Cage Difficulty: Easy Author: Shikhali Jamalzade GitHub: github.com/alisalive LinkedIn: linkedin.com/in/camalzads “Put… the bunny… back… in the box.” — Con Air Overview: Break...
LiteLLM Vulnerability Chain: What Security Teams Running AI Gateways Need to Do Now
2026-06-16 06:45:21
A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is already in CISA's KEV. Here's what to check and how to patch.
LiteLLM Vulnerability...
iRhythm discloses data breach, says hackers stole patient info
2026-06-16 06:31:59
Digital healthcare company iRhythm Holdings has disclosed a data breach after hackers stole patients' personal and health information stored on third-party-hosted business applications. [...]
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
2026-06-16 06:05:58
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2026-20262, carries...
CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation
2026-06-16 05:41:52
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting LiteSpeed cPanel Plugin to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian...
List of 48 new domains
2026-06-16 00:00:00
.fr 1winenligne[.fr] (registrar: TLD Registrar Solutions Ltd)
acbordeaux[.fr] (registrar: Hosting Concepts B.V. d/b/a Openprovider)
accountservicescenter[.fr] (registrar: GANDI)
accountverify[.fr] (registrar:...
Multiple vulnerabilities in Redmine (16 June 2026)
16/06/2026
Multiple vulnerabilities have been discovered in Redmine. Some of them allow an attacker to cause remote arbitrary code execution, a breach of confidentiality...
Vulnerability in LibreNMS (16 June 2026)
16/06/2026
A vulnerability has been discovered in LibreNMS. It allows an attacker to cause remote indirect code injection (XSS).
Vulnerability in Cisco Catalyst (16 June 2026)
16/06/2026
A vulnerability has been discovered in Cisco Catalyst. It allows an attacker to compromise data integrity. Cisco indicates that the vulnerability CVE-2026-20262 is...
Multiple vulnerabilities in Microsoft Edge (16 June 2026)
16/06/2026
Multiple vulnerabilities have been discovered in Microsoft Edge. They allow an attacker to cause a security issue not specified by the vendor.
Vulnerability in Microsoft Azure (16 June 2026)
16/06/2026
A vulnerability has been discovered in Microsoft Azure. It allows an attacker to cause a security issue not specified by the vendor.
Multiple vulnerabilities in Spring products (16 June 2026)
16/06/2026
Multiple vulnerabilities have been discovered in Spring products. They allow an attacker to cause remote arbitrary code execution and a security issue...
Multiple vulnerabilities in Moxa products (16 June 2026)
16/06/2026
Multiple vulnerabilities have been discovered in Moxa products. Some of them allow an attacker to cause remote arbitrary code execution, a breach...