Start using a new app and you’ll often be asked to grant it permissions. But blindly accepting them could expose you to serious privacy and security risks.

New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Security, which discovered nearly 3,000 Google API keys (identified by the prefix "AIza") embedded in client-side code to provide Google-related services like

Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a "supply chain risk." "This action follows months of negotiations that reached an impasse over two exceptions we requested to the lawful use of our AI model, Claude: the mass domestic surveillance of Americans and fully autonomous weapons," the

The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether that were allegedly associated with bogus cryptocurrency schemes known as pig butchering. The confiscated funds were traced to cryptocurrency addresses used for the laundering of criminally derived proceeds stolen from victims of cryptocurrency investment scams, the department added. "Criminal

Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD script execution. [...]

Ce samedi 28 février 2026, alors que des explosions retentissaient à Téhéran, Ispahan et dans plusieurs autres villes iraniennes, l'accès à internet s'est effondré dans tout le pays. Un signal devenu habituel en temps de crise dans le pays.

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance. [...]

A yearlong Europol-coordinated operation dubbed "Project Compass" has led to 30 arrests and 179 suspects being tied to "The Com," an online cybercrime collective that targets children and teenagers. [...]

La nuit du 27 au 28 février 2026 aura été agitée de l'autre côté de l'Atlantique. Donald Trump a ordonné l'exclusion immédiate d'Anthropic de toutes les agences fédérales américaines, après le refus de l'entreprise de lever ses restrictions éthiques sur l'usage militaire de son IA. Un contrat aussitôt récupéré par OpenAI, qui affirme pourtant avoir obtenu du Pentagone les mêmes garanties qu'Anthropic réclamait.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. [...]

Everyday tools like PDF readers, email clients, and archive utilities quietly define the real attack surface. Action1 explains how third-party software drift increases exploit risk and why consistent patching reduces exposure across endpoints. [...]

The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025. Of these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in France. The non-profit entity said the compromises are likely

Cybersecurity researchers have disclosed details of a malicious Go module that's designed to harvest passwords, create persistent access via SSH, and deliver a Linux backdoor named Rekoobe. The Go module, github[.]com/xinfeisoft/crypto, impersonates the legitimate "golang.org/x/crypto" codebase, but injects malicious code that's responsible for exfiltrating secrets entered via terminal password

The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks. The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves the deployment of malware

Le bras de fer entre Anthropic et le Pentagone se durcit après la publication d’un billet de blog refusant de lever certaines restrictions d’usage de Claude. Le Department of War exige une autorisation d’emploi sans limites d'ici le 27 février à 17h01, sous peine de lourdes sanctions.

A Ukrainian man has pleaded guilty to operating OnlyFake, an AI-powered website that generated and sold more than 10,000 photos of fake identification documents to customers worldwide. [...]

Le gouvernement français a publié un rapport intitulé « Mobile Phones Threat Landscape Since 2015 » (Les menaces pesant sur les téléphones mobiles depuis 2015), qui souligne l’urgence de renforcer la sécurité des appareils mobiles. Publiée fin novembre, ce rapport révèle que les smartphones et tablettes constituent une cible prioritaire pour les cybercriminels et formule des recommandations […]

The post Menaces mobiles : les recommandations du gouvernement français confirment l’importance d’une défense mobile active first appeared on UnderNews.

Le gestionnaire de mots de passe Keeper déploie un nouveau standard de chiffrement résistant aux futurs ordinateurs quantiques. Le but : contrer les hackers qui volent des données chiffrées aujourd'hui pour les casser demain.

Threat actors are luring unsuspecting users into running trojanized gaming utilities that are distributed via browsers and chat platforms to distribute a remote access trojan (RAT). "A malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar," the Microsoft Threat Intelligence team said in a post on X. "This downloader used PowerShell