Les chercheurs en menaces de Proofpoint viennent de publier une nouvelle étude identifiant une campagne de cyber-espionnage inédite menée par TA415 (APT41), un acteur de la menace aligné sur la Chine. Les cybercriminels ont notamment usurpé l’identité du député américain John Moolenaar. TRIBUNE Proofpoint – Cette campagne exploite l’incertitude croissante dans les relations économiques sino-américaines. […]

The post Une campagne de spearphishing chinoise cible le gouvernement américain first appeared on UnderNews.

L’entreprise de cybersécurité PRODAFT révèle les dessous d’une vaste opération de cyberespionnage visant le secteur des télécommunications et attribuée à des hackers iraniens. Au moins une entreprise française ferait partie des victimes de cette campagne, menée à l’aide de faux profils RH créés sur LinkedIn.

Le 18 septembre 2025, des chercheurs de Splx ont publié une étude démontrant que des agents IA basés sur ChatGPT ont réussi à contourner plusieurs types de CAPTCHA, ces outils conçus pour bloquer les robots. L’exploit ne réside pas tant dans la performance technique que dans la manière dont l’humain parvient à pousser l’IA à accomplir ce qu’elle n’est pas censée faire.

Un rapport publié par la société de cybersécurité sud-coréenne Genians révèle les dessous d'une campagne de cyberespionnage menée par un groupe nord-coréen proche du pouvoir de Pyongyang. Fait notoire dans cette opération, les hackers sont parvenus à tromper ChatGPT en lui faisant générer de faux papiers d'identité militaire.

Microsoft has begun rolling out the beta version of its AI-powered Gaming Copilot to Windows 11 systems for users aged 18 or older, excluding those in mainland China. [...]

The FBI warned today that cybercriminals are impersonating its Internet Crime Complaint Center (IC3) website in what the law enforcement agency described as "possible malicious activity." [...]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). [...]

Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in command injection attacks. [...]

Ransomware remains one of the most destructive threats—because defenses keep failing. Picus Blue Report 2025 shows prevention dropped to 62%, while data exfiltration prevention collapsed to just 3%. [...]

An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It's assessed to be affiliated with Iran's Islamic

A proxy network known as REM Proxy is powered by malware known as SystemBC, offering about 80% of the botnet to its users, according to new findings from the Black Lotus Labs team at Lumen Technologies. "REM Proxy is a sizeable network, which also markets a pool of 20,000 Mikrotik routers and a variety of open proxies it finds freely available online," the company said in a report shared with

Fortra has disclosed details of a critical security flaw in GoAnywhere Managed File Transfer (MFT) software that could result in the execution of arbitrary commands. The vulnerability, tracked as CVE-2025-10035, carries a CVSS score of 10.0, indicating maximum severity. "A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor with a validly forged

Valve has announced that its Steam digital distribution service will drop support for 32-bit versions of Windows starting January 2026. [...]

.OpenAI released $4 GPT Go in August, but it was limited to just India. Now, OpenAI is expanding GPT Go to include new regions. [...]

OpenAI has rolled out a big update to ChatGPT Search, which is an AI-powered search feature, similar to Google AI Mode. [...]

The phishing-as-a-service (PhaaS) offering known as Lighthouse and Lucid has been linked to more than 17,500 phishing domains targeting 316 brands from 74 countries. "Phishing-as-a-Service (PhaaS) deployments have risen significantly recently," Netcraft said in a new report. "The PhaaS operators charge a monthly fee for phishing software with pre-installed templates impersonating, in some cases,

Run by the team at workflow orchestration and AI platform Tines, the Tines library features over 1,000 pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform's Community Edition. The workflow we are highlighting streamlines security alert handling by automatically identifying and executing the appropriate Standard

Long known to be a sweet spot for cybercriminals, small businesses are more likely to be victimized by ransomware than large enterprises