Vue normale

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
Aujourd’hui — 17 février 2026Securité

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

Cybersecurity researchers disclosed they have detected a case of an information stealer infection successfully exfiltrating a victim's OpenClaw (formerly Clawdbot and Moltbot) configuration environment. "This finding marks a significant milestone in the evolution of infostealer behavior: the transition from stealing browser credentials to harvesting the 'souls' and identities of personal AI [

Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions. "The attacks range in severity from integrity violations to the complete compromise of all vaults in an organization," researchers Matteo Scarlata, Giovanni Torrisi, Matilda Backendal, and Kenneth G. Paterson said.

Protection des mineurs : après le porno, les VPN dans le viseur de la France et du Royaume-Uni

16 février 2026 à 18:14

Le Premier ministre britannique Keir Starmer veut « limiter l’accès » des mineurs aux VPN. De fait, il faudra vérifier l'âge de tout le monde, car il est techniquement impossible de trier à l'avance les utilisateurs sans une preuve. Et la France est sur la même trajectoire.

« C’est vraiment bizarre d’avoir un micro sur un aspirateur », il bidouille son aspirateur robot et découvre une faille géante

16 février 2026 à 17:29

Dans un article publié le 14 février 2026, le média américain The Verge revient sur la découverte involontaire d'une faille de sécurité affectant les appareils de la marque chinoise DJI. En bidouillant son aspirateur connecté pour le piloter avec une manette PlayStation, un utilisateur a pu accéder à des données de milliers d'appareils à travers le monde.

Passwords to passkeys: Staying ISO 27001 compliant in a passwordless era

16 février 2026 à 16:02
Password-based authentication is increasingly risky as organizations adopt passkeys to strengthen security and meet ISO/IEC 27001 requirements. Passwork explains how to align passwordless adoption with Annex A controls, risk assessments, and secure implementation practices. [...]
Hier — 16 février 2026Securité

Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware

This week’s recap shows how small gaps are turning into big entry points. Not always through new exploits, often through tools, add-ons, cloud setups, or workflows that people already trust and rarely question. Another signal: attackers are mixing old and new methods. Legacy botnet tactics, modern cloud abuse, AI assistance, and supply-chain exposure are being used side by side, whichever path

Safe and Inclusive E‑Society: How Lithuania Is Bracing for AI‑Driven Cyber Fraud

Presentation of the KTU Consortium Mission ‘A Safe and Inclusive Digital Society’ at the Innovation Agency event ‘Innovation Breakfast: How Mission-Oriented Science and Innovation Programmes Will Address Societal Challenges’. Technologies are evolving fast, reshaping economies, governance, and daily life. Yet, as innovation accelerates, so do digital risks. Technological change is no longer

New ZeroDayRAT Mobile Spyware Enables Real-Time Surveillance and Data Theft

Cybersecurity researchers have disclosed details of a new mobile spyware platform dubbed ZeroDayRAT that's being advertised on Telegram as a way to grab sensitive data and facilitate real-time surveillance on Android and iOS devices. "The developer runs dedicated channels for sales, customer support, and regular updates, giving buyers a single point of access to a fully operational spyware

« Réunion urgente » via Zoom, Teams, or Meets : la nouvelle méthode de phishing

Par : UnderNews
16 février 2026 à 10:27

Les chercheurs du Threat Labs de Netskope ont publié une nouvelle analyse sur plusieurs campagnes de phishing qui utilisent de fausses invitations à des réunions pour diverses applications de visioconférence, notamment Zoom, Microsoft Teams et Google Meet. Les pirates incitent les utilisateurs professionnels à exécuter la charge utile en prétendant qu’une mise à jour logicielle […]

The post « Réunion urgente » via Zoom, Teams, or Meets : la nouvelle méthode de phishing first appeared on UnderNews.

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released

Google on Friday released security updates for its Chrome browser to address a security flaw that it said has been exploited in the wild. The high-severity vulnerability, tracked as CVE-2026-2441 (CVSS score: 8.8), has been described as a use-after-free bug in CSS. Security researcher Shaheen Fazim has been credited with discovering and reporting the shortcoming on February 11, 2026. "Use after

Canada Goose investigating as hackers leak 600K customer records

Par : Ax Sharma
16 février 2026 à 05:45
ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told BleepingComputer the dataset appears to relate to past customer transactions and that it has not found evidence of a breach of its own systems. [...]
❌
❌