Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion. "The hacktivist threat in the Middle East is highly lopsided, with two groups, Keymous+ and DieNet, driving nearly 70% of all attack activity between February 28 and March 2," Radware said in a Tuesday

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. [...]

Microsoft has released the KB5075039 Windows Recovery Environment update for Windows 10 to fix a long-standing issue that prevented some users from accessing the Recovery environment. [...]

Password management software provider LastPass is warning users of a phishing campaign targeting its users with fake unauthorized account access alerts. [...]

Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software. [...]

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks. [...]

Customers of restaurants using the HungerRush point-of-sale (POS) platform say they received emails from a threat actor attempting to extort the company, warning that restaurant and customer data could be exposed if HungerRush fails to respond. [...]

The FBI has seized the LeakBase cybercrime forum, a major online forum used by cybercriminals buy and sell hacking tools and stolen data. [...]

An international law enforcement operation coordinated by Europol has disrupted Tycoon2FA, a major phishing-as-a-service (PhaaS) platform linked to tens of millions of phishing messages each month. [...]

The University of Mississippi Medical Center (UMMC) says it has resumed normal operations, nine days after a ransomware attack blocked access to electronic medical records and took down many of its IT systems. [...]

Quelques jours après avoir annoncé un contrat avec le département américain de la Défense, OpenAI évoque désormais un possible accord avec l’OTAN. L’entreprise avance en terrain miné, profitant d'une ouverture inédite de l'Alliance politico-militaire aux technologies grand public.

Google said it identified a "new and powerful" exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit featured five full iOS exploit chains and a total of 23 exploits, Google Threat Intelligence Group (GTIG) said. It's not effective against the latest version of iOS. The findings were first reported by WIRED. "The

Google et l’entreprise de cybersécurité iVerify ont publié hier leurs recherches sur Coruna, un puissant kit d’exploitation (spyware) ciblant iOS. Tribune – Ce logiciel espion s’appuie sur deux failles zero-day critiques (CVE-2023-32434 et CVE-2023-38606) qui ont été initialement découvertes et documentées par les experts de Kaspersky lors de leur enquête sur la vaste campagne d’espionnage […]

The post Espionnage iOS « Coruna » : Les liens avec l’Opération Triangulation décryptés par Kaspersky first appeared on UnderNews.

A routine RDP brute-force alert led to unusual credential hunting and a geo-distributed VPN-linked infrastructure. Huntress Labs explains how one compromised login unraveled a suspected ransomware-as-a-service ecosystem tied to initial access brokers. [...]

L’adoption de l’IA, les botnets coordonnés et les groupes hacktivistes persistants sont à l’origine de millions d’attaques. Tribune – NETSCOUT® SYSTEMS, INC., publie son rapport Threat Intelligence du deuxième semestre 2025 consacré aux attaques par déni de service distribué (Distributed Denial-of-Service, DDoS). Ce document montre comment la collaboration étroite entre cybercriminels, la résilience des botnets […]

The post Changements qualitatifs dans le niveau de sophistication des attaques DDoS, la capacité des infrastructures et le savoir-faire des cybercriminels first appeared on UnderNews.

As AI becomes the central engine for enterprise productivity, security leaders are finally getting the green light — and the budget — to secure it. But there’s a quiet crisis unfolding in the boardroom: many organizations know they need "AI Governance," but they have no idea what they are actually looking for. The CISO’s Dilemma: You Have the AI Budget, but Do You Have the Requirements? As AI

La persistance des attaques de phishing, y compris leurs variantes comme le spear phishing et le smishing, reste une menace critique pour les entreprises, comme le montre le Baromètre Cesin 2026. Celui-ci révèle que ces attaques sont responsables de 55 % des incidents signalés. Cette tendance est le résultat d’un écart fondamental, où les tactiques […]

The post Combler les lacunes en matière de phishing avec des clés de sécurité physiques first appeared on UnderNews.

Cybersecurity researchers have flagged malicious Packagist PHP packages masquerading as Laravel utilities that act as a conduit for a cross-platform remote access trojan (RAT) that's functional on Windows, macOS, and Linux systems. The names of the packages are listed below - nhattuanbl/lara-helper (37 Downloads) nhattuanbl/simple-queue (29 Downloads) nhattuanbl/lara-swagger (49 Downloads)

Cybersecurity researchers have disclosed details of an advanced persistent threat (APT) group dubbed Silver Dragon that has been linked to cyber attacks targeting entities in Europe and Southeast Asia since at least mid-2024. "Silver Dragon gains its initial access by exploiting public-facing internet servers and by delivering phishing emails that contain malicious attachments," Check Point said