Cybersecurity researchers have disclosed details of a new ransomware family called Osiris that targeted a major food service franchisee operator in Southeast Asia in November 2025.
The attack leveraged a malicious driver called POORTRY as part of a known technique referred to as bring your own vulnerable driver (BYOVD) to disarm security software, the Symantec and Carbon Black Threat Hunter
Hackers began exploiting an authentication bypass vulnerability in SmarterTools' SmarterMail email server and collaboration tool that allows resetting admin passwords. [...]
Microsoft will soon add new fraud protection features to Teams calls, warning users about external callers who attempt to impersonate trusted organizations in social engineering attacks. [...]
A critical security flaw has been disclosed in the GNU InetUtils telnet daemon (telnetd) that went unnoticed for nearly 11 years.
The vulnerability, tracked as CVE-2026-24061, is rated 9.8 out of 10.0 on the CVSS scoring system. It affects all versions of GNU InetUtils from version 1.9.3 up to and including version 2.7.
"Telnetd in GNU Inetutils through 2.7 allows remote authentication bypass
Most of this week’s threats didn’t rely on new tricks. They relied on familiar systems behaving exactly as designed, just in the wrong hands. Ordinary files, routine services, and trusted workflows were enough to open doors without forcing them.
What stands out is how little friction attackers now need. Some activity focused on quiet reach and coverage, others on timing and reuse. The emphasis
Hybrid work has driven a surge in Active Directory password resets, turning minor lockouts into major productivity drains. Specops shows why remote access, cached credentials, and security policies are fueling the spike. [...]
Il y a quelques années, on parlait beaucoup de Shadow IT. Des outils installés en douce, des solutions “pratiques”, parfois brillantes, souvent hors radar… et qui finissaient par créer de vrais risques. Aujourd’hui, le sujet revient. Mais avec un cran au-dessus. Parce que l’outil n’est plus seulement un logiciel : c’est un assistant qui écrit, […]
À l’heure où les organisations traitent un volume toujours plus important de données personnelles et sensibles, la protection de la vie privée devient un enjeu permanent. À l’occasion de la Journée européenne de la protection des données, CyberArk, leader mondial de la sécurité des identités, rappelle que cette protection repose avant tout sur la maîtrise […]
Derrière le buzz autour des montures d’Emmanuel Macron se cache un cas d’école de l’effet « Slashdot ». Ce risque cyber, qui menace les sites confrontés à une exposition médiatique fulgurante, a obligé le fabricant à l’origine de la paire portée par le président de la République à réagir dans la précipitation.
Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall configuration data, according to cybersecurity company Arctic Wolf. [...]
Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience. In these environments, the security team is the helpdesk, the compliance expert, and the incident response team all rolled into one.
Securing the cloud office in this scenario is all about
A new malicious package discovered in the Python Package Index (PyPI) has been found to impersonate a popular library for symbolic mathematics to deploy malicious payloads, including a cryptocurrency miner, on Linux hosts.
The package, named sympy-dev, mimics SymPy, replicating the latter's project description verbatim in an attempt to deceive unsuspecting users into thinking that they are
A new security flaw in SmarterTools SmarterMail email software has come under active exploitation in the wild, two days after the release of a patch.
The vulnerability, which currently does not have a CVE identifier, is tracked by watchTowr Labs as WT-2026-0001. It was patched by SmarterTools on January 15, 2026, with Build 9511, following responsible disclosure by the exposure management
Dans un papier de recherche publié le 20 janvier 2026, les équipes de Jamf Threat Labs montrent comment des hackers liés à la Corée du Nord ont fait de Visual Studio Code leur nouvelle porte d’entrée privilégiée, pour installer un backdoor sur les machines de développeurs du monde entier.
Cybersecurity company Arctic Wolf has warned of a "new cluster of automated malicious activity" that involves unauthorized firewall configuration changes on Fortinet FortiGate devices.
The activity, it said, commenced on January 15, 2026, adding it shares similarities with a December 2025 campaign in which malicious SSO logins on FortiGate appliances were recorded against the admin account from
Cisco has released fresh patches to address what it described as a "critical" security vulnerability impacting multiple Unified Communications (CM) products and Webex Calling Dedicated Instance that it has been actively exploited as a zero-day in the wild.
The vulnerability, CVE-2026-20045 (CVSS score: 8.2), could permit an unauthenticated remote attacker to execute arbitrary commands on the
Connexion
