CISA Orders US Government to Patch Maximum Severity Cisco Flaw
Gouvernance & RégulationInfosecurity Magazineil y a 5 jours
CISA added CVE-2026-20131 to its KEV catalog as it is being used in ransomware campaigns
Flux RSS
— Sources secondaires309articles RSS
ReinitialiserOperation Alice Takes Down 370,000+ Dark Web Sites
GénéralInfosecurity Magazineil y a 5 jours
German-led policing effort against fraud operation disrupts countless CSAM and cybercrime sites
Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw
Gouvernance & RégulationDark Readingil y a 8 jours
Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web.
Cyber OpSec Fail: Beast Gang Exposes Ransomware Server
Malware & RansomwareDark Readingil y a 8 jours
Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
Interlock Ransomware Targets Cisco Enterprise Firewalls
Vulnérabilités & PatchesDark Readingil y a 8 jours
The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before it was publicly disclosed.
Hackers Exploit Critical Langflow Bug in Just 20 Hours
Gouvernance & RégulationInfosecurity Magazineil y a 8 jours
Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day
NCA Boss Warns That Teens Are Being “Radicalized” Into Cybercrime Online
GénéralInfosecurity Magazineil y a 8 jours
The National Crime Agency’s director general warns that technology is rapidly reshaping crime
AI Conundrum: Why MCP Security Can't Be Patched Away
Vulnérabilités & PatchesDark Readingil y a 9 jours
RSAC Conference Preview: MCP introduces security risks into LLM environments that are architectural and not easily fixable, researcher says.
With Government's Role Uncertain, Businesses Unite to Combat Fraud
GénéralDark Readingil y a 9 jours
Major industry leaders agree to share information and collaborate to boost defenses in the wake of distressing online scams.
Native Launches With Security Control Plane for Multicloud
Vulnérabilités & PatchesDark Readingil y a 9 jours
The cloud security startup's platform translates and enforces security policies across AWS, Azure, Google Cloud, and Oracle using provider-native controls.
Post-Quantum Web Could be Safer, Faster
Threat IntelligenceDark Readingil y a 9 jours
Major providers are testing a quantum-safe version of HTTPS that shrinks certificates to one-tenth their previous size, decreasing latency and adding transparency.
Ransomware Affiliate Exposes Details of 'The Gentlemen' Operation
Gouvernance & RégulationInfosecurity Magazineil y a 9 jours
Hastalamuerte leaks The Gentlemen RaaS ops: FortiGate exploits, BYOVD evasion, Qilin split tactics
Financial Brands Targeted in Global Mobile Banking Malware Surge
Malware & RansomwareInfosecurity Magazineil y a 9 jours
Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices
FCA Updates Cyber Incident and Third-Party Reporting Rules
Outils & RechercheInfosecurity Magazineil y a 9 jours
The UK’s financial regulator has issued new rules to make incident and third-party reporting clearer
AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January
Gouvernance & RégulationInfosecurity Magazineil y a 9 jours
Notorious ransomware group Interlock has been exploiting a Cisco zero-day bug since January, AWS says
UK: Regulation Drives Cyber Spending for Critical Infrastructure Orgs
Gouvernance & RégulationInfosecurity Magazineil y a 9 jours
35% of security leaders working in the UK’s critical infrastructure said regulatory requirements are the primary influence on their security programs
EU Sanctions Companies in China, Iran for Cyberattacks
GénéralDark Readingil y a 9 jours
These rulings prohibit the entities from entering or doing business in the European Union.
C2 Implant 'SnappyClient' Targets Crypto Wallets
Gouvernance & RégulationDark Readingil y a 10 jours
In addition to enabling remote access, the malware supports a wide range of capabilities, including data theft and spying.
DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
Gouvernance & RégulationDark Readingil y a 10 jours
A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.
New Ubuntu Flaw Enables Local Attackers to Gain Root Access
Gouvernance & RégulationInfosecurity Magazineil y a 10 jours
CVE-2026-3888 Ubuntu snap flaw lets local users escalate to root via timing-based exploit