All the latest cybersecurity news
Fewer qubits to break RSA encryption
2025-06-02 09:44:00
“For decades, the quantum and security communities have also known that quantum computers (...)
Critical Roundcube Vulnerability Let Attackers Execute Remote Code
2025-06-02 09:07:06
A critical vulnerability in the widely used Roundcube Webmail software allows authenticated attackers to execute arbitrary code remotely. The vulnerability, discovered through PHP object deserialization...
AI-Driven Threat Intelligence Staying Ahead of Attackers
2025-06-02 09:00:00
As cyber threats evolve at an unprecedented pace in 2025, organizations worldwide are turning to artificial intelligence to stay one step ahead of increasingly sophisticated attackers. The global threat...
Active Exploits Detected Targeting Critical vBulletin Vulnerability
2025-06-02 08:49:56
Two critical vulnerabilities—CVE-2025-48827 and CVE-2025-48828—have been assigned to vBulletin, the widely used PHP/MySQL forum software, following public disclosure and observed exploitation in the...
Critical Roundcube Flaw Allows Remote Code Execution by Attackers
2025-06-02 08:26:27
Roundcube Webmail, one of the most widely used browser-based IMAP clients, has released urgent security updates for its 1.6 and 1.5 LTS versions. The newly published versions, 1.6.11 and 1.5.10, address...
New Study Reveals Vulnerable Code Pattern Putting GitHub Projects at Risk of Path Traversal Attacks
2025-06-02 08:21:40
A comprehensive research study has identified a widespread path traversal vulnerability (CWE-22) affecting 1,756 open-source GitHub projects, some of which are highly influential in the software ecosystem....
CISOs Guide to Regulatory Compliance in Global Landscapes
2025-06-02 08:00:00
Chief Information Security Officers worldwide are grappling with an unprecedented surge in regulatory requirements as governments expand cybersecurity mandates across critical sectors, transforming the...
CISA Warns of Consilium Fire Panel Vulnerabilities Allowing Remote Takeover
2025-06-02 07:44:56
CISA has issued a critical advisory warning of two severe security vulnerabilities affecting all versions of the Consilium Safety CS5000 Fire Panel, a widely deployed industrial control system used in...
Severe Vulnerabilities in Consilium CS5000 Fire Panels Allow Remote System Takeover
2025-06-02 07:42:49
Two severe cybersecurity vulnerabilities have been disclosed in the Consilium Safety CS5000 Fire Panel, a widely deployed industrial control system integral to fire safety across sectors like commercial...
MITRE Releases Roadmap for Transition to Post-Quantum Cryptography
2025-06-02 07:19:45
The nonprofit research organization MITRE has unveiled a comprehensive roadmap designed to guide organizations through the critical transition from current cryptographic standards to quantum-resistant...
A cyberattack hit hospitals operated by Covenant Health
2025-06-02 07:15:29
A cyberattack hit three hospitals operated by Covenant Health, forcing them to shut down all systems to contain the incident. Three hospitals run by Covenant Health were hit by a cyberattack, prompting...
A week in security (May 26 – June 1)
2025-06-02 07:04:53
A list of topics we covered in the week of May 26 to June 1 of 2025
Securing Remote Work Zero Trust for Distributed Workforces
2025-06-02 07:00:00
As remote work becomes permanently embedded in corporate culture, organizations abandon traditional perimeter-based security models in favor of Zero Trust architectures to protect their distributed workforces...
Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188
2025-06-02 06:58:14
Technical details about a critical Cisco IOS XE WLC flaw (CVE-2025-20188) are now public, raising the risk of a working exploit emerging soon. Details of a critical vulnerability, tracked as CVE-2025-20188,...
New Linux Security Bugs Could Expose Password Hashes Across Millions of Devices
2025-06-02 06:51:46
The Qualys Threat Research Unit (TRU) has disclosed two significant local information disclosure vulnerabilities—CVE-2025-5054 and CVE-2025-4598—impacting the core-dump handlers Apport and systemd-coredump...
How to Start Bug Bounty with Zero Knowledge
2025-06-02 06:39:09
OSWE Web Hacking Tips (IPPSEC): My Study Journey #1
2025-06-02 06:38:01
Ace your OSWE exam by mastering key web exploitation techniques. Our weekly series breaks down proven methods directly from IPPSEC's invaluable YouTube classics. Expect deep dives into SQL Injection,...
Learning YARA: A Beginner SOC Analyst's Notes
2025-06-02 06:36:44
Learn how to build a YARA-powered malware detection and automation system using n8n, GPT, and hybrid analysis tools. This hands-on guide…
Tilde Games: Exploiting 8.3 Shortnames on IIS Servers
2025-06-02 06:36:35
IIS Tilde Enumeration? Sounds cool but what is that… Before diving into the vulnerability, it's important to understand 8.3 filenames (also known as short names or SFNs). In the MS-DOS era, filenames...
0 Bounty: How a Misconfigured Warning Endpoint in Apache Airflow Exposed DAG Secrets
2025-06-02 06:36:23
CVE-2023-42780: An Improper Access Control Bug That Let Low-Privileged Users View DAG Import Errors and Stack Traces
From Forgot Password to Forgot Validation: A Broken Flow That Let Me Take Over Accounts
2025-06-02 06:36:13
Hey there!😁
From alert(1) to Real-world Impact: Hunting XSS Where Others Don't Look
2025-06-02 06:35:56
I was testing a web application late one night when I triggered a humble alert(1) box. It blinked on my screen, almost mockingly — something every hacker sees countless times. But this wasn't...
Bug Bounty from Scratch | Everything You Need to Know About Bug Bounty
2025-06-02 06:35:22
My First P1
2025-06-02 06:33:48
In the Name of Allah, the Most Beneficent, the Most Merciful. All the praises and thanks be to Allah, the Lord of the ‘Alamin (mankind, jinns and all that exists). Last week, I decided to get iScan.today...
Wazuh: The Free and Open Source SIEM/XDR Platform
2025-06-02 06:31:22
Introduction: Wazuh is a free and open-source security platform that provides unified XDR and SIEM protection for endpoints and cloud workloads. Wazuh mainly comprises 4 components: Wazuh Indexer:...
Conducting Risk Assessments That Drive Business Value
2025-06-02 06:00:00
Companies across industries are discovering that well-executed risk assessments do far more than check regulatory boxes—they’re becoming powerful engines for business growth and competitive advantage....
Blockchain for Cybersecurity Real-World Applications and Limits
2025-06-02 05:00:00
As cybercrime costs the global economy an estimated 5 billion annually, blockchain technology is emerging as a powerful cybersecurity weapon and a new battleground for digital threats. With illicit...
Exclusive! Entire Conti Ransomware Gang Including Key Leaders With Photo & Infrastructure Exposed
2025-06-02 04:55:56
In a landmark investigation, the anonymous cybercrime investigator GangExposed has struck a devastating blow against the notorious Conti ransomware group, exposing the real identities, operational strategies,...
Evolution of DDoS Attacks Mitigation Strategies for 2025
2025-06-02 04:00:00
The cybersecurity landscape witnessed an unprecedented escalation in distributed denial of service (DDoS) attacks during the first quarter of 2025. Organizations faced increasingly sophisticated threats...
Breaking Down Silos Aligning IT and Security Teams
2025-06-02 03:00:00
A growing crisis is emerging in corporate cybersecurity operations, where organizational silos between IT and security teams are creating dangerous blind spots and slowing critical threat response times....
Fedora 41 Update: chromium 137.0.7151.55 critical issues fixed
2025-06-02 01:27:05
Update to 137.0.7151.55 CVE-2025-5063: Use after free in Compositing CVE-2025-5280: Out of bounds write in V8 CVE-2025-5064: Inappropriate implementation in Background Fetch API CVE-2025-5065: Inappropriate...
Fedora 42: chromium 2025-7f3fdc548a critical: implementation issues
2025-06-02 01:17:27
Update to 137.0.7151.55 CVE-2025-5063: Use after free in Compositing CVE-2025-5280: Out of bounds write in V8 CVE-2025-5064: Inappropriate implementation in Background Fetch API CVE-2025-5065: Inappropriate...