bedtime sunny

Restez informé(e)s

des cybermenaces

avec les dernières informations cyber

Modèle cyber
Xavier Dupont de Ligonnès : quelle est la « preuve de vie récente » obtenue par l’équipe de l’émission « Appel à témoins » sur M6 ?
Xavier Dupont de Ligonnès : quelle est la « preuve de vie récente » obtenue par l’équipe de l’émission « Appel à témoins » sur M6 ?
Un nouveau rebondissement dans l’une des plus mystérieuses affaires criminelles françaises ?
 
Presse-citron 21/05/2026
Telegram, l’identifiant qui inquiète
Telegram, l’identifiant qui inquiète
Telegram : un audit confirme un risque de suivi passif via une clé d'authentification, malgré les démentis de l’entreprise.
 
Zataz.com 21/05/2026
McDonald’s France face au risque fidélité à la suite d’une fuite de données
McDonald’s France face au risque fidélité à la suite d’une fuite de données
McDonald’s France touché par des fraudes McDo+ : les cartes fidélité deviennent une cible cyber rentable à la suite d'une fuite de données.
 
Zataz.com 21/05/2026
First VPN, le bouclier cybercriminel tombe
First VPN, le bouclier cybercriminel tombe
First VPN démantelé : 33 serveurs saisis, plus de 5000 comptes liés à des enquêtes cyber. L'admin gardait les infos des clients !
 
Zataz.com 21/05/2026
Fraudes publicitaires : Meta, TikTok et Google visés
Fraudes publicitaires : Meta, TikTok et Google visés
Fraudes publicitaires : Meta, TikTok et Google visés par Que Choisir, le BEUC et l’Arcom au nom du DSA
 
Zataz.com 21/05/2026
Fraude aux billets BTS : l’alerte cyber monte avant le concert de juillet
Fraude aux billets BTS : l’alerte cyber monte avant le concert de juillet
Faux sites de billets BTS : ZATAZ alerte sur une fraude visant les fans avant les concerts en France des stars de la K-Pop.
 
Zataz.com 18/05/2026
Fragnesia, l’alerte Linux qui devance les alertes !
Fragnesia, l’alerte Linux qui devance les alertes !
Fragnesia révèle l’écart entre bases CVE publiques, veille cyber et alertes Linux avant publication officielle.
 
Zataz.com 18/05/2026
ChimeraZ, le pirate qui cible le tourisme français
ChimeraZ, le pirate qui cible le tourisme français
ChimeraZ revendique des fuites visant le tourisme français et décrit la vente de bases sensibles. Il annonce aussi de nouvelles fuites !
 
Zataz.com 18/05/2026
Chinese hackers target telcos with new Linux, Windows malware
Chinese hackers target telcos with new Linux, Windows malware
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]
 
BleepingComputer 21/05/2026
Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator
Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator
Europol has seized First VPN, a service used by ransomware gangs, arrested its administrator and gained access to data linked to thousands of users.
 
HackRead 21/05/2026
When Identity is the Attack Path
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single k…
 
Internet 21/05/2026
Microsoft warns of new Defender zero-days exploited in attacks
Microsoft warns of new Defender zero-days exploited in attacks
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]
 
BleepingComputer 21/05/2026
Ubuntu Core 26 offers an immutable Linux you can trust through 2041
Ubuntu Core 26 offers an immutable Linux you can trust through 2041
If your company wants to sell IoT or edge gear in the EU, Canonical's minimal, immutable distro is worth a serious look.
 
ZDNet 20/05/2026
AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop
AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop
Digital.ai’s latest threat report warns that agentic AI has erased the distinction between emerging and primary targets, enabling attackers to strike mobile apps within hours of release across every industry. The post AI-Powered App Attacks Are Faster, More F…
 
Securityweek.com 20/05/2026
Microsoft says cu l8r to text message security
Microsoft says cu l8r to text message security
Old, busted, insecure authentication to be replaced with something shinier and safer
 
Theregister.com 20/05/2026
FBI: Americans lost over $388 million to scams using crypto ATMs in 2025
FBI: Americans lost over $388 million to scams using crypto ATMs in 2025
The FBI says Americans have lost over $388 million last year to scams using cryptocurrency kiosks, also known as crypto ATMs or Bitcoin ATMs. [...]
 
BleepingComputer 19/05/2026
America's top cyber-defense agency left a GitHub repo open with passwords
America's top cyber-defense agency left a GitHub repo open with passwords
America's top cyber-defense agency left a GitHub repo open with passwords - posted in General Chat: The US Cybersecurity and Infrastructure Security Agency (CISA) left open a GitHub repository named “Private-CISA” containing plain-text passwords, private keys…
 
BleepingComputer 19/05/2026
America's top cyber-defense agency left a GitHub repo open with with passwords
America's top cyber-defense agency left a GitHub repo open with with passwords
America's top cyber-defense agency left a GitHub repo open with with passwords - posted in General Chat: The US Cybersecurity and Infrastructure Security Agency (CISA) left open a GitHub repository named “Private-CISA” containing plain-text passwords, private…
 
BleepingComputer 19/05/2026
America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames
America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames
I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'?
 
Theregister.com 19/05/2026
America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames
America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames
I wonder what's in 'external-secret-repo-creds.yaml' and 'AWS-Workspace-Firefox-Passwords.csv'?
 
Theregister.com 19/05/2026
Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms.
 
HackRead 19/05/2026
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
Critical Microsoft Vulnerabilities Doubled: From Exposure to Escalation
Microsoft's total vulnerability count stayed steady in 2025, but critical flaws surged year over year. BeyondTrust breaks down why attackers are increasingly focused on privilege escalation and identity abuse. [...]
 
BleepingComputer 19/05/2026
Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report
Two-Thirds of Nonhuman Accounts Are Unseen and Unmanaged, According to Orchid Security’s Identity Gap Report
New York, United States, 19th May 2026, CyberNewswire
 
HackRead 19/05/2026
Poland shifts away from Signal following cyberattacks on officials’ accounts
Poland shifts away from Signal following cyberattacks on officials’ accounts
Poland told officials to stop using the popular instant messaging app Signal after cyberattacks targeted government accounts. Poland has instructed government officials to stop using Signal for sensitive communications and move to a state-developed alternativ…
 
Securityaffairs.com 19/05/2026
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects
Massive MENA cybercrime Operation Ramz disrupts infrastructure and arrests 201 suspects
INTERPOL led Operation Ramz in MENA, resulting in 201 arrests and 382 suspects tied to cybercrime networks. INTERPOL coordinated Operation Ramz across the Middle East and North Africa, leading to 201 arrests and identifying 382 additional suspects. ” A first-…
 
Securityaffairs.com 19/05/2026
INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
INTERPOL ‘Operation Ramz’ seizes 53 malware, phishing servers
More than 200 individuals were arrested for cybercrime activities during INTERPOL's Operation Ramz, which focused on the Middle East and North Africa. [...]
 
BleepingComputer 19/05/2026
10 Top OSINT Tools Every Investigator Should Know in 2026
10 Top OSINT Tools Every Investigator Should Know in 2026
Modern OSINT platforms rely more on AI and automation, while older social tracking methods keep losing access due to privacy and API restrictions.
 
HackRead 18/05/2026
5 ways to fortify your network against the new speed of AI attacks
5 ways to fortify your network against the new speed of AI attacks
As attackers get more sophisticated and persistent, IT workers have to step up their game as well. Here's how to do that in 2026.
 
ZDNet 18/05/2026
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
INTERPOL Operation Ramz Disrupts MENA Cybercrime Networks with 201 Arrests
INTERPOL has coordinated a first-of-its-kind cybercrime crackdown across the Middle East and North Africa (MENA) that led to 201 arrests and the identification of an additional 382 suspects. The initiative involved the efforts of 13 countries from the region …
 
Internet 18/05/2026
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The p…
 
Internet 18/05/2026
Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign
Government Backed Hackers Abuse Cloudflare in Malaysian Espionage Campaign
Government Backed Hackers abused Cloudflare storage services in a Malaysian espionage campaign involving hidden C2 systems and data exfiltration.
 
HackRead 18/05/2026
Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq
Public Amazon bucket leaks sensitive guest data from Japanese hotel platform Tabiq
A hotel check-in system exposed over 1 million passports, IDs, and selfies online due to a misconfigured cloud storage bucket. A security lapse in the Reqrea’s Tabiq hotel check-in system exposed over 1 million passports, driver’s licenses, and selfie verific…
 
Securityaffairs.com 18/05/2026
Utah tells porn sites to take the P out of VPNs, and it's their fault that they can't
Utah tells porn sites to take the P out of VPNs, and it's their fault that they can't
Governments can't touch VPNs technically or commercially. The mess they'll make if they try will be off the scale
 
Theregister.com 18/05/2026
Utah tells porn sites to take the P out of VPNs, and it's their fault that they can't
Utah tells porn sites to take the P out of VPNs, and it's their fault that they can't
Governments can't touch VPNs technically or commercially. The mess they'll make if they try will be off the scale
 
Theregister.com 18/05/2026
Exploit available for new DirtyDecrypt Linux root escalation flaw
Exploit available for new DirtyDecrypt Linux root escalation flaw
A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. [...]
 
BleepingComputer 18/05/2026
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
Pre-Stuxnet Fast16 Malware Tampered with Nuclear Weapons Simulations
A new analysis of the Lua-based fast16 malware has confirmed that it was a cyber sabotage tool designed to tamper with nuclear weapons testing simulations. According to Broadcom-owned Symantec and Carbon Black teams, the pre-Stuxnet tool was engineered to cor…
 
Internet 18/05/2026
Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
A critical NGINX flaw (CVE-2026-42945) is actively exploited, allowing crashes or possible code execution via malicious HTTP requests. A critical vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945 (CVSS v4 score of 9.2), is already being ac…
 
Securityaffairs.com 18/05/2026
Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
A critical NGINX flaw (CVE-2026-42945) is actively exploited, allowing crashes or possible code execution via malicious HTTP requests. A critical vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945 (CVSS v4 score of 9.2), is already being ac…
 
Securityaffairs.com 18/05/2026
Samsung’s weather app sparks storm of controversy by handing territory to North Korea
Samsung’s weather app sparks storm of controversy by handing territory to North Korea
PLUS: China-linked cyber-attack on central Asian oil sector; Bottom falls out of Indian smartphone sales; And more!
 
Theregister.com 18/05/2026
Surprise AI bills leave AWS and Google Cloud users aghast
Surprise AI bills leave AWS and Google Cloud users aghast
Stuck with an AI bill for tens of thousands of dollars? You're not alone by a long shot
 
Theregister.com 18/05/2026
Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total
Pwn2Own Berlin 2026, Day Three: DEVCORE Crowned Master of Pwn, $1.298 Million Total
Pwn2Own Berlin 2026 ended with 47 zero-days and $1.29M in payouts, as DEVCORE dominated the competition across all categories. Pwn2Own Berlin 2026 ended after three intense days, with participants discovering 47 unique zero-days, and earning $1,298,250 in tot…
 
Securityaffairs.com 17/05/2026
Paramètres
from : recherche depuis .. jours (limité à 30)
max : nombre de réponses par requète
query : mot clé à rechercher. AND peut être utilisé
domains : liste des domaines internet à explorer
arrow_upward