[Deal du jour] Un gestionnaire de mots de passe est indispensable si vous multipliez les comptes sur diverses plateformes et sites web. Proton Pass fait partie des meilleurs dans ce domaine, et en passant par Numerama, vous bénéficiez en ce moment d'une belle réduction sur l’abonnement annuel Pass Plus.

Taiwan's National Security Bureau (NSB) has warned that China-developed applications like RedNote (aka Xiaohongshu), Weibo, TikTok, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China. The alert comes following an inspection of these apps carried out in coordination with the Ministry of Justice Investigation Bureau (MJIB) and the Criminal

Threat actors are weaponizing exposed Java Debug Wire Protocol (JDWP) interfaces to obtain code execution capabilities and deploy cryptocurrency miners on compromised hosts. "The attacker used a modified version of XMRig with a hard-"coded configuration, allowing them to avoid suspicious command-line arguments that are often flagged by defenders," Wiz researchers Yaara Shriki and Gili

Google says Veo 3, which is the company's state-of-the-art video generator, is now shipping to everyone using the Gemini app with a $20 subscription. [...]

ChatGPT Deep Research, which is an AI research tool to automate research, is getting support for new connectors (integrations), including Slack. [...]

IT giant Ingram Micro is experiencing a global outage that is impacting its websites and internal systems, with customers concerned that it may be a cyberattack after the company remains silent on the cause of the issues. [...]

A hacker is threatening to leak 106GB of data allegedly stolen from Spanish telecommunications company Telefónica in a breach that the company did not acknowledge. [...]

Selon un rapport d'Interpol, publié fin juin 2025, les « scam centers » auraient jeté leur dévolu sur l’Afrique de l’Ouest. À la croisée de la cybercriminalité et de la traite d’êtres humains, ces réseaux, venus majoritairement d'Asie du Sud-Est, s'installent de plus en plus dans la région.

Cybersecurity researchers have shed light on a previously undocumented threat actor called NightEagle (aka APT-Q-95) that has been observed targeting Microsoft Exchange servers as a part of a zero-day exploit chain designed to target government, defense, and technology sectors in China. According to QiAnXin's RedDrip Team, the threat actor has been active since 2023 and has switched network

Generative AI is changing how businesses work, learn, and innovate. But beneath the surface, something dangerous is happening. AI agents and custom GenAI workflows are creating new, hidden ways for sensitive enterprise data to leak—and most teams don’t even realize it. If you’re building, deploying, or managing AI systems, now is the time to ask: Are your AI agents exposing confidential data

Cybersecurity researchers have disclosed two security flaws in the Sudo command-line utility for Linux and Unix-like operating systems that could enable local attackers to escalate their privileges to root on susceptible machines. A brief description of the vulnerabilities is below - CVE-2025-32462 (CVSS score: 2.8) - Sudo before 1.9.17p1, when used with a sudoers file that specifies a host

Google has been ordered by a court in the U.S. state of California to pay $314 million over charges that it misused Android device users' cellular data when they were idle to passively send information to the company. The verdict marks an end to a legal class-action complaint that was originally filed in August 2019. In their lawsuit, the plaintiffs argued that Google's Android operating system

L’Amazon Prime Day 2025 aura lieu le 8 juillet. Les acheteurs du monde entier ont préparé leur panier. Les cybercriminels sont sur le qui-vive. Rien qu’en juin, plus de 1 000 nouveaux domaines contenant des noms ressemblant à Amazon sont apparus en ligne. De manière alarmante, 87 % d’entre eux ont déjà été signalés comme […]

The post Amazon Prime Day 2025 : Les bonnes affaires vous attendent, les cybercriminels aussi first appeared on UnderNews.

Fraude numérique en France : 7,6 milliards d’euros envolés en un an. Un fléau qui touche plus d’un Français sur deux. Tribune BioCatch — Les Français sont confrontés à une explosion des fraudes en ligne : plus d’un adulte sur deux (54 %) déclare avoir été victime d’une arnaque au cours des 12 derniers mois, […]

The post Fraude numérique en France : 7,6 milliards d’euros envolés en un an first appeared on UnderNews.

Les poupées Labubu, un phénomène marketing originaire de Hong Kong, continuent de faire sensation sur les réseaux sociaux. Malheureusement, cette popularité attire également des escrocs. Certains profitent de l’engouement pour piéger parents et collectionneurs, en créant de faux sites web imitant la boutique officielle.

Hunters International, l’un des groupes de ransomwares les plus actifs de ces dernières années, a officiellement annoncé la fermeture de ses opérations en juillet 2025. Le groupe se transforme en une nouvelle entité baptisée « World Leaks », axée uniquement sur l’extorsion de données.

Deep cuts in cybersecurity spending risk creating ripple effects that will put many organizations at a higher risk of falling victim to cyberattacks

A few new code references in the ChatGPT web app and Android point to an Operator-like tool in GPT's chain of thoughts. [...]

xAI is preparing the rollout of Grok 4, which replaces Grok 3 as the new state-of-the-art model. [...]