A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world. [...]

Le 20 septembre 2025, plusieurs aéroports européens ont connu de très nombreux retards et annulations. La faute à une cyberattaque qui a mis à mal le système d'enregistrement des passagers.

Threat actors with ties to the Democratic People's Republic of Korea (aka DPRK or North Korea) have been observed leveraging ClickFix-style lures to deliver a known malware called BeaverTail and InvisibleFerret. "The threat actor used ClickFix lures to target marketing and trader roles in cryptocurrency and retail sector organizations rather than targeting software development roles," GitLab

The Royal Canadian Mounted Police has shut down the TradeOgre cryptocurrency exchange and seized more than $40 million believed to originate from criminal activities. [...]

Notorious APT group Turla collaborates with Gamaredon, both FSB-associated groups, to compromise high‑profile targets in Ukraine

LastPass is warning of an ongoing, widespread information stealer campaign targeting Apple macOS users through fake GitHub repositories that distribute malware-laced programs masquerading as legitimate tools. "In the case of LastPass, the fraudulent repositories redirected potential victims to a repository that downloads the Atomic infostealer malware," researchers Alex Cox, Mike Kosak, and

Cybersecurity researchers have discovered what they say is the earliest example known to date of a malware that bakes in Large Language Model (LLM) capabilities. The malware has been codenamed MalTerminal by SentinelOne SentinelLABS research team. The findings were presented at the LABScon 2025 security conference. In a report examining the malicious use of LLMs, the cybersecurity company said

Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT's Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action. The new class of attack has been codenamed ShadowLeak by Radware. Following responsible disclosure on June 18, 2025, the issue was addressed by OpenAI in early August. "The attack

Les chercheurs en menaces de Proofpoint viennent de publier une nouvelle étude identifiant une campagne de cyber-espionnage inédite menée par TA415 (APT41), un acteur de la menace aligné sur la Chine. Les cybercriminels ont notamment usurpé l’identité du député américain John Moolenaar. TRIBUNE Proofpoint – Cette campagne exploite l’incertitude croissante dans les relations économiques sino-américaines. […]

The post Une campagne de spearphishing chinoise cible le gouvernement américain first appeared on UnderNews.

L’entreprise de cybersécurité PRODAFT révèle les dessous d’une vaste opération de cyberespionnage visant le secteur des télécommunications et attribuée à des hackers iraniens. Au moins une entreprise française ferait partie des victimes de cette campagne, menée à l’aide de faux profils RH créés sur LinkedIn.

Le 18 septembre 2025, des chercheurs de Splx ont publié une étude démontrant que des agents IA basés sur ChatGPT ont réussi à contourner plusieurs types de CAPTCHA, ces outils conçus pour bloquer les robots. L’exploit ne réside pas tant dans la performance technique que dans la manière dont l’humain parvient à pousser l’IA à accomplir ce qu’elle n’est pas censée faire.

Un rapport publié par la société de cybersécurité sud-coréenne Genians révèle les dessous d'une campagne de cyberespionnage menée par un groupe nord-coréen proche du pouvoir de Pyongyang. Fait notoire dans cette opération, les hackers sont parvenus à tromper ChatGPT en lui faisant générer de faux papiers d'identité militaire.

Microsoft has begun rolling out the beta version of its AI-powered Gaming Copilot to Windows 11 systems for users aged 18 or older, excluding those in mainland China. [...]

The FBI warned today that cybercriminals are impersonating its Internet Crime Complaint Center (IC3) website in what the law enforcement agency described as "possible malicious activity." [...]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the malware deployed in attacks exploiting vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). [...]

Fortra has released security updates to patch a maximum severity vulnerability in GoAnywhere MFT's License Servlet that can be exploited in command injection attacks. [...]

Ransomware remains one of the most destructive threats—because defenses keep failing. Picus Blue Report 2025 shows prevention dropped to 62%, while data exfiltration prevention collapsed to just 3%. [...]

An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It's assessed to be affiliated with Iran's Islamic