Vue normale

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
Aujourd’hui — 25 février 2026Securité

The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web

25 février 2026 à 16:01
OpenClaw has sparked heavy Telegram and dark web chatter, but Flare's data shows more research hype than mass exploitation. Flare explains how its telemetry found real supply-chain risk in the skills marketplace, yet limited signs of large-scale criminal operationalization. [...]

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data. The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings, as well as manipulates authorization rules to create persistent backdoors in victim applications.

L’essor des deepfakes alimente une nouvelle ère de cybercriminalité, selon les experts

Par : UnderNews
25 février 2026 à 12:39

Le contenu généré par l’IA devrait devenir plus convaincant grâce à l’amélioration de ses capacités, à une dépendance accrue des utilisateurs et à l’apprentissage basé sur leurs retours, affirme le dernier rapport sur la sécurité Internet. D’après les experts en cybersécurité, ces avancées seront inévitablement exploitées par les cybercriminels. Tribune Planet VPN – L’enquête menée […]

The post L’essor des deepfakes alimente une nouvelle ère de cybercriminalité, selon les experts first appeared on UnderNews.

Fraude bancaire : 72 % des banques françaises perdent plus de 5 millions de dollars par an face à l’essor des arnaques par ingénierie sociale

Par : UnderNews
25 février 2026 à 12:32

Une nouvelle enquête de BioCatch, spécialiste mondial de la détection et de la prévention de la fraude financière, tire la sonnette d’alarme pour le secteur bancaire français : près des trois quarts des établissements déclarent des pertes annuelles supérieures à 5 millions de dollars liées à la fraude. À l’approche de l’entrée en vigueur de […]

The post Fraude bancaire : 72 % des banques françaises perdent plus de 5 millions de dollars par an face à l’essor des arnaques par ingénierie sociale first appeared on UnderNews.

Le Pentagone donne 72 heures à Anthropic pour lui fournir un accès illimité à son IA

25 février 2026 à 12:34

Pentagone

Le ministère américain de la Défense donne 72 heures à Anthropic pour lui accorder un accès sans restriction à son modèle d’intelligence artificielle Claude. En cas de refus, l’entreprise s’expose à de lourdes sanctions.

Voici Nearby Glasses, l’app qui permet de repérer les lunettes Meta Ray-Ban autour de soi

25 février 2026 à 12:08

Disponible sur le Google Play Store, l'application « Nearby Glasses », développée par un amateur, attire l’attention. Elle permet à ses utilisateurs d’être avertis si des personnes à proximité portent des lunettes « intelligentes », comme les lunettes Ray-Ban de Meta.

Manual Processes Are Putting National Security at Risk

Why automating sensitive data transfers is now a mission-critical priority More than half of national security organizations still rely on manual processes to transfer sensitive data, according to The CYBER360: Defending the Digital Battlespace report. This should alarm every defense and government leader because manual handling of sensitive data is not just inefficient, it is a systemic

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars. Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025. In addition to the jail term, Williams

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution. The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below - CVE-2025-40538 - A broken access control vulnerability that allows an attacker to create a system admin user and execute arbitrary

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026-25108 (CVSS v4 score: 8.7), is a case of operating system (OS) command injection that could allow an authenticated user to execute

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN

A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence (AI)-driven vulnerability has been codenamed RoguePilot by Orca Security. It has since been patched by Microsoft following responsible disclosure. "Attackers can craft hidden instructions inside a

Hier — 24 février 2026Securité

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor's targeting beyond Ukraine and into entities supporting the war-torn nation. The activity, which targeted an unnamed entity involved in regional

❌
❌