🔥Developer Workstations Are Now Part of the Software Supply Chain
Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns...
🔥Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the...
🖥️La panne de Salt vendredi dernier n’était pas due à un problème technique, mais bien à une cyberattaque
Vendredi vers 19 h, les clients de Salt ont été privés de connexion internet fixe pendant environ quarante minutes. Cette interruption n’était pas …
📰The Canvas breach proved that prevention is no longer enough
Cybercriminals brought down the most widely used learning platform in North America. The Canvas breach is a blueprint for how SaaS attacks now work — and a warning about how unprepared most...
🔥MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw
🔥Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP. The list of identified
🖥️Une simple clé USB suffit à faire sauter le chiffrement de Windows 11
Une faille béante touchant le logiciel responsable du chiffrement des données sur Windows 11 vient d’être découverte. Si le potentiel d’attaque est …
🖥️21 ans de continuité opérationnelle : Kazuar, l'arme cyber la plus ancienne du FSB, mute encore
Le renseignement russe fait évoluer son malware fétiche depuis 2005. Microsoft vient de documenter sa dernière mue, et elle est redoutable : un …
🖥️OpenAI confirme un vol de données : mettez à jour ChatGPT de toute urgence !
Le géant derrière ChatGPT frappé par des hackers. Après une cyberattaque visant des employés d’OpenAI, certains utilisateurs Mac vont devoir mettre à …
🔥Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing simulations. According to Broadcom-owned Symantec and...
🖥️Cyberattaque massive chez Gîtes de France, près de 400.000 clients concernés par le vol de données, troisième acteur du tourisme hacké en 3 jours
Le réseau d'hébergements Gîtes de France a confirmé dimanche 18 mai avoir été victime d'un vol de données qui concernerait près de 400.000 clients. …
📰Former CISA nominee Sean Plankey named US CEO of defense startup
UFORCE, a London-based company founded by Ukrainians, is looking to make drones in America. The post Former CISA nominee Sean Plankey named US CEO of defense startup appeared first on CyberScoop.
📰Colorado governor commutes prison sentence for election denier Tina Peters
Peters was sentenced to nine years for stealing voting data and has been publicly unrepentant. But Colorado Governor Jared Polis has been hinting at the decision for months. The post Colorado...
📰Here’s how the FTC plans to enforce the Take It Down Act
The commission will dole out hefty fines and promises investigations for Take It Down Act violators. Experts say questions remain around the agency’s resources and priorities. The post...
📰Cisco zero-day under ongoing attack by persistent threat group
The threat group behind the attacks is also linked to a series of recently disclosed vulnerabilities in the vendor’s firewalls and SD-WAN systems. The post Cisco zero-day under ongoing attack by...
🔥Developer Workstations Are Now Part of the Software Supply Chain
Supply chain attackers are not only trying to slip malicious code into trusted software. They are trying to steal the access that makes trusted software possible. Recently, three separate campaigns...
🔥Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code. Topping the...
🖥️La panne de Salt vendredi dernier n’était pas due à un problème technique, mais bien à une cyberattaque
Vendredi vers 19 h, les clients de Salt ont été privés de connexion internet fixe pendant environ quarante minutes. Cette interruption n’était pas …
📰The Canvas breach proved that prevention is no longer enough
Cybercriminals brought down the most widely used learning platform in North America. The Canvas breach is a blueprint for how SaaS attacks now work — and a warning about how unprepared most...
🔥MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw
🔥Four Malicious npm Packages Deliver Infostealers and Phantom Bot DDoS Malware
Cybersecurity researchers have discovered four new npm packages containing information-stealing malware, one of which is a clone of the Shai-Hulud worm open-sourced by TeamPCP. The list of identified
🖥️Une simple clé USB suffit à faire sauter le chiffrement de Windows 11
Une faille béante touchant le logiciel responsable du chiffrement des données sur Windows 11 vient d’être découverte. Si le potentiel d’attaque est …
🖥️21 ans de continuité opérationnelle : Kazuar, l'arme cyber la plus ancienne du FSB, mute encore
Le renseignement russe fait évoluer son malware fétiche depuis 2005. Microsoft vient de documenter sa dernière mue, et elle est redoutable : un …
🖥️OpenAI confirme un vol de données : mettez à jour ChatGPT de toute urgence !
Le géant derrière ChatGPT frappé par des hackers. Après une cyberattaque visant des employés d’OpenAI, certains utilisateurs Mac vont devoir mettre à …
🔥Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing simulations. According to Broadcom-owned Symantec and...
🖥️Cyberattaque massive chez Gîtes de France, près de 400.000 clients concernés par le vol de données, troisième acteur du tourisme hacké en 3 jours
Le réseau d'hébergements Gîtes de France a confirmé dimanche 18 mai avoir été victime d'un vol de données qui concernerait près de 400.000 clients. …
📰Former CISA nominee Sean Plankey named US CEO of defense startup
UFORCE, a London-based company founded by Ukrainians, is looking to make drones in America. The post Former CISA nominee Sean Plankey named US CEO of defense startup appeared first on CyberScoop.
📰Colorado governor commutes prison sentence for election denier Tina Peters
Peters was sentenced to nine years for stealing voting data and has been publicly unrepentant. But Colorado Governor Jared Polis has been hinting at the decision for months. The post Colorado...
📰Here’s how the FTC plans to enforce the Take It Down Act
The commission will dole out hefty fines and promises investigations for Take It Down Act violators. Experts say questions remain around the agency’s resources and priorities. The post...
📰Cisco zero-day under ongoing attack by persistent threat group
The threat group behind the attacks is also linked to a series of recently disclosed vulnerabilities in the vendor’s firewalls and SD-WAN systems. The post Cisco zero-day under ongoing attack by...