All the latest cybersecurity news
Russia-Linked SpyPress Malware Exploits Webmails to Spy on Ukraine
2025-05-18 17:34:47
ESET reports on RoundPress, a cyber espionage campaign by Russia’s Fancy Bear (Sednit) targeting Ukraine-related organizations via webmail…
FBI Warns of AI Voice Scams Impersonating US Govt Officials
2025-05-18 16:43:37
FBI has warned about a sophisticated vishing and smishing campaign using AI-generated voice memos to impersonate senior US…
Bypassing Login via NoSQL Operator Injection: A MongoDB Authentication Hack
2025-05-18 16:01:36
Bypass login authentication using MongoDB NoSQL injection via logical and regex-based operator abuse to impersonate the admin user. FOR EDUCATIONAL PURPOSES ONLY. Author: Aditya Bhatt. Write-Up Type: Bug...
Lab: Exploiting a mass assignment vulnerability
2025-05-18 16:01:07
PortSwigger Lab API module. Continue reading on InfoSec Write-ups »
Build Your Own AI SOC — Part 6 Daily AI-Powered Threat Briefings With n8n + GPT
2025-05-18 16:00:58
Introduction: Information Without Overload. Continue reading on InfoSec Write-ups »
Redirect Roulette: How Poor OAuth Redirect Handling Gave Me Account Takeover
2025-05-18 16:00:49
Hey there! 😁 Continue reading on InfoSec Write-ups »
5 Linux Commands You've Probably Never Heard Of
2025-05-18 16:00:24
In this article, I will show you five Linux commands you’ve probably never heard of. They’re simple, practical, and designed to make your… Continue reading on InfoSec Write-ups »
Here's everything you need to know about ARP Poisoning.
2025-05-18 15:59:58
ARP Poisoning also named as ARP sniffing/spoofing is a Man-In-The-Middle attack. Well Well Well. I am back with another one. In my last article, I raised a question and then left it unanswered. If you...
0 Bounty: for HTTP Request Smuggling on Data.gov
2025-05-18 15:59:51
How a cleverly crafted desync attack revealed a hidden path to client-side compromise, JS injection and potential cookie theft. Continue reading on InfoSec Write-ups »
The Most Dangerous Bug I've Ever Found (And No One Was Looking)
2025-05-18 15:59:28
👉 Free Article Link. Continue reading on InfoSec Write-ups »
Sharpening Command Injections to get Full RCE
2025-05-18 15:56:07
Uncommon Bash tricks to Bypass WAF and achieve Remote Code Execution (RCE). Continue reading on InfoSec Write-ups »
Token of Misfortune: How a Refresh Token Leak Let Me Regenerate Unlimited Sessions
2025-05-18 15:55:46
Free Link 🎈 Continue reading on InfoSec Write-ups »
“Hi Dear” Needs to Die: A Rant for Every Inbox That's Had Enough
2025-05-18 12:45:04
The dreaded “Hi Dear” is the email equivalent of nails on a chalkboard. In Western culture, this isn't charming. It's not professional. It's not even polite. It reeks of spam, screams of inauthenticity....
Debian: DSA-5923-1 critical: net-tools buffer overflow causing DoS
2025-05-18 11:55:30
Mohamed Maatallah discovered a stack-based buffer overflow in the get_name() function in net-tools, a collection of programs for controlling the network subsystem of the Linux kernel, which may result...
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45
2025-05-18 11:54:10
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape PupkinStealer : A .NET-Based Info-Stealer Interlock ransomware...
Security Affairs newsletter Round 524 by Pierluigi Paganini – INTERNATIONAL EDITION
2025-05-18 11:36:45
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter,...
Debian Bookworm: DSA-5922-1 critical: firefox-esr code execution
2025-05-18 10:25:08
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code.
Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide
2025-05-18 08:52:26
Chinese “kill switches” found in Chinese-made power inverters in US solar farm equipment that could let Beijing remotely disable power grids in a conflict. Investigators found “kill...
The TechBeat: This 150-Line Go Script Is Actually a Full-On Load Balancer (5/18/2025)
2025-05-18 06:10:57
How are you, hacker?
🪐Want to know what's trending right now?:
The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day!
...
PupkinStealer Attacks Windows System to Steal Login Credentials & Desktop Files
2025-05-18 04:51:01
A new information-stealing malware dubbed “PupkinStealer” has been identified by cybersecurity researchers, targeting sensitive user data through a straightforward yet effective approach....
Fedora 41 Update: chromium 136.0.7103.113 critical policy fix
2025-05-18 01:37:00
Update to 136.0.7103.113. CVE-2025-4664: Insufficient policy enforcement in Loader. CVE-2025-4609: Incorrect handle provided in unspecified circumstances in Mojo.
Fedora 41: 2025-36c626e871 critical: mbedtls denial of service
2025-05-18 01:36:58
Update to 1.25.0
Fedora 42 Update: chromium 136.0.7103.113 Critical Issues Resolved
2025-05-18 01:10:40
Update to 136.0.7103.113. CVE-2025-4664: Insufficient policy enforcement in Loader. CVE-2025-4609: Incorrect handle provided in unspecified circumstances in Mojo.
Fedora 42: 2025-90c7a763fe critical: MicroPython mbedtls issues
2025-05-18 01:10:32
Update to 1.25.0
List of 13 new domains
2025-05-18 00:00:00
.fr
air-up-france[.fr] (registrar: Hosting Concepts B.V. d/b/a Openprovider)
bfi2-france[.fr] (registrar: Hostinger operations UAB)
bricotdepot[.fr] (registrar: Hosting Concepts B.V. d/b/a Openprovider)
caisse-epargne-auvergne-limousin[.fr]...