AI Drives Doubling of Phishing Attacks in a Year
Threat IntelligenceInfosecurity Magazineil y a 55 jours
Cofense claims AI is making phishing emails more personalized and sophisticated
Flux RSS
— Sources secondaires309articles RSS
ReinitialiserTwo Critical Flaws in n8n AI Workflow Automation Platform Allow Complete Takeover
Gouvernance & RégulationInfosecurity Magazineil y a 55 jours
Pillar Security discovered two new critical vulnerabilities in n8n that could lead to supply chain compromise, credential harvesting and complete takeover attacks
SolarWinds Web Help Desk Vulnerability Actively Exploited
Gouvernance & RégulationInfosecurity Magazineil y a 55 jours
CISA has added a critical CVE in SolarWinds Web Help Desk to its KEV Catalog
Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw
Gouvernance & RégulationInfosecurity Magazineil y a 56 jours
A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project
SQL Injection Flaw Affects 40,000 WordPress Sites
Gouvernance & RégulationInfosecurity Magazineil y a 56 jours
40,000 WordPress sites are vulnerable to SQL injection in Quiz and Survey Master plugin
DockerDash Exposes AI Supply Chain Weakness In Docker's Ask Gordon
Vulnérabilités & PatchesInfosecurity Magazineil y a 56 jours
DockerDash vulnerability allows RCE and data exfiltration via unverified metadata in Ask Gordon
UK ICO Launches Investigation into X Over AI Generated Non-Consensual Sexual Imagery
GénéralInfosecurity Magazineil y a 56 jours
UK Data Protection Watchdog has “serious concerns” over data privacy on Elon Musk’s social platform
Researchers Warn of New “Vect” RaaS Variant
Malware & RansomwareInfosecurity Magazineil y a 56 jours
A new ransomware-as-a-service operation dubbed “Vect” features custom malware
Cybercrime Unit of Paris Prosecutors Raid Elon Musk’s X Offices in France
GénéralInfosecurity Magazineil y a 56 jours
Elon Musk and X’s former CEO were summoned for voluntary interviews in Paris on April 20, 2026
New Password-Stealing Phishing Campaign Targets Corporate Dropbox Credentials
Threat IntelligenceInfosecurity Magazineil y a 56 jours
Multi-stage attack begins with fake message relating to business requests and evades detection with link hidden in a PDF
Vibe-Coded Moltbook Exposes User Data, API Keys and More
GénéralInfosecurity Magazineil y a 56 jours
Wiz Security claims Moltbook misconfiguration allowed full read and write access
Please Don’t Feed the Scattered Lapsus ShinyHunters
Gouvernance & RégulationKrebs on Securityil y a 57 jours
A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators… Read More »
NSA Publishes New Zero Trust Implementation Guidelines
GénéralInfosecurity Magazineil y a 57 jours
NSA released new guidelines to help organizations achieve target-level Zero Trust maturity
Notepad++ Update Hijacking Linked to Hosting Provider Compromise
Fuites de donnéesInfosecurity Magazineil y a 57 jours
A supply chain attack on Notepad++ update process was linked to compromised hosting infrastructure
Fancy Bear Exploits Microsoft Office Flaw in Ukraine, EU Cyber-Attacks
Gouvernance & RégulationInfosecurity Magazineil y a 57 jours
Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says
Android RAT Uses Hugging Face to Host Malware
Malware & RansomwareInfosecurity Magazineil y a 57 jours
Bitdefender has discovered a new Android malware campaign that uses Hugging Face
Former Google Engineer Found Guilty of Stealing AI Secrets
GénéralInfosecurity Magazineil y a 57 jours
Linwei Ding, a former Google engineer, has been found guilty of stealing trade secrets for China
Labyrinth Chollima Evolves into Three North Korean Hacking Groups
Threat IntelligenceInfosecurity Magazineil y a 60 jours
CrowdStrike assessed that two new threat actor groups have spun off from North Korean Labyrinth Chollima hackers
New AI-Developed Malware Campaign Targets Iranian Protests
Malware & RansomwareInfosecurity Magazineil y a 60 jours
The RedKitten campaign distributes lures designed to target people seeking information about missing persons or political dissidents in Iran
National Crime Agency and NatWest Issue Joint Warning Over Invoice Fraud Threat
GénéralInfosecurity Magazineil y a 60 jours
Cyber fraudsters targeting corporate finance departments costs businesses millions a year