iCloud Calendar invites are being abused to send callback phishing emails disguised as purchase notifications directly from Apple's email servers, making them more likely to bypass spam filters to land in targets' inboxes. [...]
The Czech Republic's National Cyber and Information Security Agency (NUKIB) is instructing critical infrastructure organizations in the country to avoid using Chinese technology or transferring user data to servers located in China. [...]
Scovery, plateforme de cyber-rating de nouvelle génération, annonce le lancement officiel du World Cyber Ranking, un outil interactif en ligne et librement accessible permettant à chacun d’explorer la posture cybersécurité de millions d’entreprises dans le monde. Communiqué – Grâce à une technologie unique combinant analyse de graphes et intelligence artificielle, Scovery évalue la surface d’attaque […]
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan.
The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April 2025.
"The campaign is targeted towards employees of KazMunaiGas or KMG where the threat entity
A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers.
"The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating private keys and mnemonic seeds to a Telegram bot controlled by the threat actor," Socket researcher
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2025-53690, carries a CVSS score of 9.0 out of a maximum of 10.0, indicating critical severity.
"Sitecore Experience Manager (XM), Experience
The threat actor behind the malware-as-a-service (MaaS) framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT.
"Available in both Python and C variants, CastleRAT's core functionality consists of collecting system information, downloading and executing additional payloads, and executing commands via CMD and PowerShell," Recorded Future Insikt Group
[Deal du jour] NordPass est un gestionnaire de mots de passe efficace, fourni par NordVPN. L'abonnement au service profite actuellement d'une promotion exclusive à Numerama.
Sanctionné par la Commission Nationale de l'Informatique et des Libertés (CNIL) le 3 septembre 2025 d'une amende de 150 millions d'euros, le géant de l'ultra-fast fashion Shein juge cette décision disproportionnée. Dans une déclaration transmise à Numerama le 5 septembre, son porte-parole affirme que « la sévérité de la sanction semble motivée par des considérations politiques ».
As the attack surface expands and the threat landscape grows more complex, it’s time to consider whether your data protection strategy is fit for purpose
L’équipe de recherche sur les menaces, Check Point Software External Risk Management Team, a réalisé une analyse détaillée d’un tout nouveau framework de cybersécurité appelé Hexstrike-AI, initialement destiné aux chercheurs et hackers éthiques mais que les cybercriminels tentent déjà d’exploiter. Tribune Check Point – Le framework a été conçu comme un outil orienté défenseurs : […]
VirusTotal has discovered a phishing campaign hidden in SVG files that create convincing portals impersonating Colombia's judicial system that deliver malware. [...]
Investigations into the Nx "s1ngularity" NPM supply chain attack have unveiled a massive fallout, with thousands of account tokens and repository secrets leaked. [...]
The European Commission has fined Google €2.95 billion ($3.5 billion) for abusing its dominance in the digital advertising technology market and favoring its adtech services over those of its competitors. [...]
Wealthsimple, a leading Canadian online investment management service, has disclosed a data breach after attackers stole the personal data of an undisclosed number of customers in a recent incident. [...]
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project. [...]
ConnexionUnderNews
The Hacker News
