A new tool called 'Defendnot' can disable Microsoft Defender on Windows devices by registering a fake antivirus product, even when no real AV is installed. [...]

Des chercheurs d’ESET ont identifié une opération d’espionnage baptisée RoundPress, vraisemblablement menée par le groupe Sednit (aussi connu sous les noms Fancy Bear ou APT28), aligné sur les intérêts de la Russie. Cette campagne exploite des failles XSS sur des serveurs de messagerie web pour dérober des données sensibles. Les cibles principales sont liées au […]

The post ESET identifie une campagne d’espionnage du groupe Sednit (APT28) exploitant des failles XSS dans des messageries en ligne first appeared on UnderNews.

​Microsoft has confirmed that some Windows 10 and Windows 10 Enterprise LTSC 2021 systems will boot into BitLocker recovery after installing the May 2025 security updates. [...]

An American-Israeli national namedAlexander Gurevich has been arrested in Israel for his alleged involvement in exploiting the Nomad bridge smart-contract in August 2022 that allowed hackers to siphon $190 million. [...]

OpenAI is rolling out 'Codex' for ChatGPT, which is an AI agent that automates and delegates programming tasks for software engineers. [...]

During the second day of Pwn2Own Berlin 2025, competitors earned $435,000 after exploiting zero-day bugs in multiple products, including Microsoft SharePoint, VMware ESXi, Oracle VirtualBox, Red Hat Enterprise Linux, and Mozilla Firefox. [...]

La justice commence à pousser les fournisseurs de VPN à agir pour empêcher l'accès des internautes à des sites bloqués en France. Avec comme objectif de contrer la possibilité de regarder du sport (comme des matchs de foot) sur des sites proposant du streaming pirate.

La justice commence à pousser les fournisseurs de VPN à agir pour empêcher l'accès des internautes à des sites bloqués en France. Avec comme objectif de contrer la possibilité de regarder du sport (comme des matchs de foot) sur des sites proposant du streaming pirate.

For at least half a year, the official software supplied with Procolored printers included malware in the form of a remote access trojan and a cryptocurrency stealer. [...]

Ransomware gang members increasingly use a new malware called Skitnet ("Bossnet") to perform stealthy post-exploitation activities on breached networks. [...]

Operation RoundPress targets webmail software to steal secrets from email accounts belonging mainly to governmental organizations in Ukraine and defense contractors in the EU

ESET researchers uncover a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities

La justice commence à pousser les fournisseurs de VPN à agir pour empêcher l'accès des internautes à des sites bloqués en France. Avec comme objectif de contrer la possibilité de regarder du sport (comme des matchs de foot) sur des sites proposant du streaming pirate.

Cybersecurity researchers are calling attention to a new botnet malware called HTTPBot that has been used to primarily single out the gaming industry, as well as technology companies and educational institutions in China. "Over the past few months, it has expanded aggressively, continuously leveraging infected devices to launch external attacks," NSFOCUS said in a report published this week. "By

Data is the lifeblood of productivity, and protecting sensitive data is more critical than ever. With cyber threats evolving rapidly and data privacy regulations tightening, organizations must stay vigilant and proactive to safeguard their most valuable assets. But how do you build an effective data protection framework? In this article, we'll explore data protection best practices from meeting

Coinbase, l’une des plus grandes plateformes de cryptomonnaies au monde, a été victime d’un piratage sophistiqué. Face à une demande de rançon de 20 millions de dollars et une fuite de données sensibles, l’entreprise a décidé de retourner la menace contre ses auteurs : elle propose la même somme à quiconque permettra de les identifier.

Twelve more suspects were charged in a RICO conspiracy for their alleged involvement in the theft of over $230 million in cryptocurrency and laundering the funds using crypto exchanges and mixing services. [...]

On Thursday, CISA warned U.S. federal agencies to secure their systems against ongoing attacks exploiting a high-severity vulnerability in the Chrome web browser. [...]

Researchers at ETH Zürich have discovered yet another security flaw that they say impacts all modern Intel CPUs and causes them to leak sensitive data from memory, showing that the vulnerability known as Spectre continues to haunt computer systems after more than seven years. The vulnerability, referred to as Branch Privilege Injection (BPI), "can be exploited to misuse the prediction