🔥Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub...
🖥️Une vague de cyberattaques déferle sur les réservoirs de carburant
Plusieurs agences fédérales américaines, dont le FBI et la NSA, alertent sur une multiplication des cyberattaques ciblant les systèmes de jaugeage …
📰Inside the race to adapt to an AI-powered security world
AI is breaking things faster than anyone can fix them. Security leaders across the industry are racing to figure out what comes next. The post Inside the race to adapt to an AI-powered security world
🔥ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal....
🖥️Des sites Web peuvent tomber en 10 secondes : la nouvelle technique qui contourne les défenses et affole les experts
Au lieu d’une armée massive de botnets, un seul ordinateur peut faire planter un site web ou un service, en menant à lui seul un nouveau type …
🔥China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been...
🔥FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42,...
🔥Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System (TDS) and deliver
🖥️"C'est un bouleversement radical" : qu'est-ce que le "Q-Day", ce jour que redoutent les experts en cybersécurité ?
Le "Q-Day", le jour où les ordinateurs quantiques rendront obsolètes les systèmes de chiffrement actuels, pourrait survenir entre 2030 et 2050, selon …
📰European authorities crack down on illegal streaming networks
Officials said they dismantled nine organized crime groups and removed more than 27,000 URLs hosting live sports and other copyrighted media during a seven-month operation. The post European...
🖥️Cyberattaque : connaissez-vous «Kali365», ce nouvel outil de piratage qui menace vos comptes Microsoft 365 ?
Une nouvelle cyberattaque cible les utilisateurs de Microsoft 365. Celle-ci fonctionne grâce à un service d’abonnement criminel, «Kali365», qui …
📰DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
He told lawmakers that he wants approximately 600 more people than it has now, which would still be well below personnel numbers prior to Trump’s second term. The post DHS Secretary Markwayne...
🖥️"Aucun système n'est à l'abri de cette menace": des chercheurs ont créé un logiciel malveillant, animé par l'IA, qui s’adapte en temps réel et utilise la puissance de calcul de ses victimes pour préparer sa prochaine attaque
Des chercheurs de l'université de Toronto ont développé un prototype de ver informatique alimenté par un petit modèle d'IA. Capable de s'adapter en …
📰DOD wants to integrate cyber in all operations, and integrate security into AI
Top Pentagon cyber policy official Katherine Sutton said recent conflicts have emphasized the importance of cyber, and that the department can’t make old mistakes with AI security. The post DOD...
📰Trump administration releases scaled-back AI executive order
The order — which Trump previously refrained from signing at the last minute — appears to make significant concessions to industry compared to earlier drafts. The post Trump administration...
🔥Claude Code GitHub Action Flaw Let One Malicious Issue Hijack Repositories
A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub...
🖥️Une vague de cyberattaques déferle sur les réservoirs de carburant
Plusieurs agences fédérales américaines, dont le FBI et la NSA, alertent sur une multiplication des cyberattaques ciblant les systèmes de jaugeage …
📰Inside the race to adapt to an AI-powered security world
AI is breaking things faster than anyone can fix them. Security leaders across the industry are racing to figure out what comes next. The post Inside the race to adapt to an AI-powered security world
🔥ThreatsDay Bulletin: AI Agents Gone Wrong, Sketchy C2 Tools, ClickFix Tricks, JS Backdoors & 20+ New Stories
It got stupid again. The internet still feels held together with tape. Bad plugins, old bugs, fake tools, trusted apps doing shady things. Same mess, new wrapper. And now the weird stuff is normal....
🖥️Des sites Web peuvent tomber en 10 secondes : la nouvelle technique qui contourne les défenses et affole les experts
Au lieu d’une armée massive de botnets, un seul ordinateur peut faire planter un site web ou un service, en menant à lui seul un nouveau type …
🔥China-Linked TA4922 Expands Phishing Attacks to UK, Germany, Italy, and South Africa
A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U.K., Germany, Italy, and South Africa. These efforts have been...
🔥FlutterShell Backdoor Spreads to macOS via Malicious Google and YouTube Ads
Cybersecurity researchers have shed light on a macOS malvertising campaign codenamed Operation FlutterBridge that spreads a new backdoor called FlutterShell. According to Palo Alto Networks Unit 42,...
🔥Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS
Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System (TDS) and deliver
🖥️"C'est un bouleversement radical" : qu'est-ce que le "Q-Day", ce jour que redoutent les experts en cybersécurité ?
Le "Q-Day", le jour où les ordinateurs quantiques rendront obsolètes les systèmes de chiffrement actuels, pourrait survenir entre 2030 et 2050, selon …
📰European authorities crack down on illegal streaming networks
Officials said they dismantled nine organized crime groups and removed more than 27,000 URLs hosting live sports and other copyrighted media during a seven-month operation. The post European...
🖥️Cyberattaque : connaissez-vous «Kali365», ce nouvel outil de piratage qui menace vos comptes Microsoft 365 ?
Une nouvelle cyberattaque cible les utilisateurs de Microsoft 365. Celle-ci fonctionne grâce à un service d’abonnement criminel, «Kali365», qui …
📰DHS Secretary Markwayne Mullin pinpoints optimal CISA staffing levels
He told lawmakers that he wants approximately 600 more people than it has now, which would still be well below personnel numbers prior to Trump’s second term. The post DHS Secretary Markwayne...
🖥️"Aucun système n'est à l'abri de cette menace": des chercheurs ont créé un logiciel malveillant, animé par l'IA, qui s’adapte en temps réel et utilise la puissance de calcul de ses victimes pour préparer sa prochaine attaque
Des chercheurs de l'université de Toronto ont développé un prototype de ver informatique alimenté par un petit modèle d'IA. Capable de s'adapter en …
📰DOD wants to integrate cyber in all operations, and integrate security into AI
Top Pentagon cyber policy official Katherine Sutton said recent conflicts have emphasized the importance of cyber, and that the department can’t make old mistakes with AI security. The post DOD...
📰Trump administration releases scaled-back AI executive order
The order — which Trump previously refrained from signing at the last minute — appears to make significant concessions to industry compared to earlier drafts. The post Trump administration...