OptinMonster, TrustPulse et PushEngage ont été visés par une attaque supply chain exposant plus de 1,2 million de sites WordPress. Voici comment réagir.

Le post WordPress : 1,2 million de sites exposés après le piratage d’OptinMonster a été publié sur IT-Connect.

ESET a découvert des variantes Windows du malware SprySOCKS, liées au groupe chinois Earth Lusca, utilisées pour espionner des gouvernements dans quatre pays.

Le post Des versions Windows du malware SprySOCKS visent des gouvernements a été publié sur IT-Connect.

Anthropic is facing a proposed class action lawsuit in California alleging that it misleads customers regarding usage limits on its premium Claude subscription tiers. The legal challenge focuses on the Claude Max 5x and Max 20x plans, which are priced at $100 and $200 per month respectively. Plaintiffs argue that the actual token allowances provided to these high-paying users are significantly lower than the five-fold and twenty-fold increases advertised by the company.

Source

GitHub is transitioning the Copilot extension for JetBrains IDEs to use the Copilot CLI as the default agent harness. This architectural shift replaces the previous local harness to ensure consistency across all GitHub Copilot platforms. The update allows the IDE to start and monitor independent background sessions while leveraging a unified agentic coding framework.

Source

Approximately 200 Stanford University graduates staged a walkout during a commencement address delivered by Google CEO Sundar Pichai. The protest targeted Google's involvement in Project Nimbus, a $1.2 billion cloud computing and AI contract with the Israeli government. Demonstrators also highlighted the company's work with U.S. Immigration and Customs Enforcement and recent Pentagon AI initiatives.

Source

Corporate leaders are reversing their aggressive push for artificial intelligence as the costs of maintaining these tools become unsustainable. Many organizations previously encouraged employees to maximize their use of AI coding agents, sometimes even linking usage to performance reviews. However, the resulting financial burden has proven far higher than anticipated, with some firms spending millions of dollars on monthly usage fees.

Source

Ce 12 juin 2026, Microsoft a déployé une version préliminaire de la mise à jour de juillet 2026 de Windows 11 sur le canal Release Preview du programme Windows Insider. Cette future mise à jour – à destination de Windows 11 version 25H2 et Windows 11 version 24H2 – va être déployée auprès du grand public dans … Lire la suite

Source

Microsoft has released a comprehensive analysis of email security performance based on a full year of real-world telemetry data. The report compares Microsoft Defender against traditional secure email gateways and integrated cloud email security solutions. Findings indicate that Defender consistently missed fewer high-severity threats than every other gateway vendor evaluated during the study period.

Source

Microsoft has failed to renew the SSL/TLS certificate for connectivity.office.com, a domain used by IT professionals to verify network access to cloud services. Visitors to the site are currently encountering untrusted connection warnings in their web browsers because the previous certificate expired on June 14. This specific tool is essential for testing firewall configurations and ensuring that organizational traffic can reach Microsoft 365 servers without interference.

Source

Cisco has released urgent security updates for Catalyst SD-WAN Manager to address a zero-day vulnerability tracked as CVE-2026-20262. This network management software, formerly known as vManage, allows for the centralized control of thousands of software-defined networking devices. The flaw impacts all deployment types, including on-premises installations and various cloud-managed versions such as those used by government entities.

Source

The cybercrime group ShinyHunters has reportedly exploited a zero-day vulnerability in Oracle PeopleSoft to breach over 100 organizations globally. This enterprise software is widely used for managing human resources, payroll, and business operations across various sectors. The vulnerability, tracked as CVE-2026-35273, has allowed the group to compromise approximately 300 vulnerable instances to exfiltrate sensitive data.

Source

HPE is launching a migration assistance program to help organizations transition away from expensive virtualization platforms. The initiative provides one year of free licenses for HPE Morpheus VM Essentials to mitigate the financial burden of running two environments simultaneously. Additionally, the company is offering Zerto data protection licenses for just one dollar to facilitate the secure movement of virtual workloads.

Source

North Korean threat actors are targeting developers with phishing campaigns that exploit integrated development environments (IDEs) to execute malicious code. The attackers distribute links to GitHub repositories that use the "runOn: folderOpen" feature in Visual Studio Code to trigger malware automatically when a project is opened. These campaigns primarily target organizations in the finance, cryptocurrency, and technology sectors across the United States and Europe.

Source

Microsoft's June 2026 update for Windows 11 introduces a Low Latency Profile designed to improve system responsiveness during interactive tasks. This feature temporarily increases CPU frequency for up to three seconds to accelerate application launches and system menu interactions by significant margins. While the performance gains are automated and hardware-dependent, older or lower-end systems are expected to see the most noticeable improvements.

Source

The United States government recently issued an export control directive to suspend access to Anthropic’s Fable 5 and Mythos 5 models due to national security concerns. This decision followed reports of a prompt-based jailbreak that allegedly bypassed the advanced AI model's safety guardrails shortly after its launch. In response to the federal mandate, Anthropic disabled the affected models for all customers to ensure full regulatory compliance.

Source

The LF AI & Data Foundation has introduced DocLang, a new open-source document format designed specifically for consumption by artificial intelligence systems. Industry leaders including IBM, NVIDIA, and Red Hat are backing the initiative to replace traditional formats like PDF and HTML in AI workflows. These organizations argue that existing formats are optimized for human rendering rather than machine understanding, which often leads to data loss during tokenization.

Source

Microsoft is rolling out a new Efficiency mode for Teams to address long-standing performance issues on hardware-constrained devices. This feature is designed to automatically reduce resource consumption when the application detects low system memory or limited CPU power. The update comes as rising memory prices have led to a resurgence of PCs shipping with only 8GB of RAM.

Source

A critical privilege escalation vulnerability in the LiteSpeed cPanel plugin is now being exploited in the wild, prompting a warning from CISA. The flaw, tracked as CVE-2026-54420, allows attackers with basic FTP or web shell access to gain full root privileges on shared hosting environments. This security hole specifically affects servers running CloudLinux or CageFS due to the improper handling of user-provided symlinks.

Source

Microsoft is implementing license price increases in July 2026 that affect various services beyond standard Microsoft 365 bundles. Notable adjustments include a 13% rise for Enterprise Mobility and Security E3 and up to 16% for Entra P1 licenses. Administrators can use PowerShell to proactively identify these costs and remove inactive licenses to mitigate the financial impact.

Source