Des chercheurs en cybersécurité ont révélé une vulnérabilité majeure dans l’IA Microsoft 365 Copilot, permettant à des pirates de voler des données sensibles d'entreprises, sans le moindre clic d'utilisateur. Baptisée EchoLeak, cette faille exploitait l’IA générative intégrée aux outils Microsoft pour exfiltrer des informations via un simple e-mail, même non ouvert.

C'était l'opération dans l'opération. En marge de la campagne Rising Lion lancée par Israël contre l'Iran dans la nuit du 12 au 13 juin 2025, pour attaquer son programme de nucléaire militaire, une action spéciale a aussi eu lieu proche de Téhéran. Elle impliquait une base clandestine et des drones explosifs. Un coup qui rappelle celui de l'Ukraine en Russie.

Cybersecurity researchers are calling attention to a "large-scale campaign" that has been observed compromising legitimate websites with malicious JavaScript injections. According to Palo Alto Networks Unit 42, these malicious injects are obfuscated using JSFuck, which refers to an "esoteric and educational programming style" that uses only a limited set of characters to write and execute code.

Microsoft is investigating a known issue that triggers Secure Boot errors and prevents Surface Hub v1 devices from starting up. [...]

Microsoft is investigating an ongoing incident that is causing users to experience errors with some Microsoft 365 authentication features. [...]

Pendant près de trois ans, des chercheurs ont pu collecter des milliers de données confidentielles sur Danabot, un des réseaux cybercriminels les plus recherchés au monde. La faute à une faille dans leur infrastructure, baptisée DanaBleed.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday disclosed that ransomware actors are targeting unpatched SimpleHelp Remote Monitoring and Management (RMM) instances to compromise customers of an unnamed utility billing software provider. "This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp

Introduction: Security at a Tipping Point Security Operations Centers (SOCs) were built for a different era, one defined by perimeter-based thinking, known threats, and manageable alert volumes. But today’s threat landscape doesn’t play by those rules. The sheer volume of telemetry, overlapping tools, and automated alerts has pushed traditional SOCs to the edge. Security teams are overwhelmed,

Victoria's Secret has restored all critical systems impacted by a May 24 security incident that forced it to shut down corporate systems and the e-commerce website. [...]

Cloudflare has confirmed that the massive service outage yesterday was not caused by a security incident and no data has been lost. [...]

A l’occasion de l’évènement annuel, Predictive Cyber Day, le 12 juin à la Sorbonne, Thierry Happe (fondateur et ex-président de l’Observatoire Netexplo) annonce le lancement du Predictive Cyberlab, un laboratoire dédié à la lutte contre les cybermenaces reposant sur l’ingénierie sociale et au développement de la cyber maturité des collaborateurs des entreprises. Communiqué – La […]

The post Lancement du Predictive Cyberlab – projet de formation innovant visant à développer la cyber maturité des organisations first appeared on UnderNews.

Dans une étude, Check Point Research (CPR) a découvert une faille dans le système d’invitation de Discord permettant à des attaquants de détourner des liens d’invitation expirés ou supprimés et de rediriger subrepticement des utilisateurs vers des serveurs malveillants. Des liens d’invitation partagés des mois auparavant par des communautés de confiance sur des forums, réseaux […]

The post Des acteurs malveillants ont exploité le système d’invitation de Discord pour lancer des attaques globales en plusieurs étapes first appeared on UnderNews.

Apple has disclosed that a now-patched security flaw present in its Messages app was actively exploited in the wild to target civil society members in sophisticated cyber attacks. The vulnerability, tracked as CVE-2025-43200, was addressed on February 10, 2025, as part of iOS 18.3.1, iPadOS 18.3.1, iPadOS 17.7.5, macOS Sequoia 15.3.1, macOS Sonoma 14.7.4, macOS Ventura 13.7.4, watchOS 11.3.1,

Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TMEE) PolicyServer products. [...]

Google Cloud and Cloudflare are investigating ongoing outages impacting access to sites and various services across multiple regions. [...]

Forensic investigation has confirmed the use of Paragon's Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. [...]

Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. [...]

The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked to other TDS services like Help TDS and Disposable TDS, indicating that the sophisticated cybercriminal operation is a sprawling enterprise of its own that's designed to distribute malicious content. "VexTrio is a group of malicious adtech companies that distribute scams and harmful software via

Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model's (LLM) safety and content moderation guardrails with just a single character change. "The TokenBreak attack targets a text classification model's tokenization strategy to induce false negatives, leaving end targets vulnerable to attacks that the implemented