Cybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data. The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user named mikilanjillo, is below - react-performance-suite react-state-optimizer-core react-fast-utilsa ai-fast-auto-trader

On February 25, 2026, Gartner published its inaugural Market Guide for Guardian Agents, marking an important milestone for this emerging category. For those unfamiliar with the various Gartner report types, “a Market Guide defines a market and explains what clients can expect it to do in the short term. With the focus on early, more chaotic markets, a Market Guide does not rate or position

The Dutch Ministry of Finance confirmed on Monday that some of its systems were breached in a cyberattack detected last week. [...]

Le 15 mars 2026, un attaquant s'est introduit dans COMPAS, le système de gestion RH des enseignants stagiaires du ministère de l'Éducation nationale, en usurpant les identifiants d'un compte externe. Il a fallu quatre jours pour détecter l'intrusion. Entre-temps, les données personnelles de 243 000 agents avaient déjà été extraites, et une partie circulerait désormais en ligne.

Dans son article « Zero Trust dans l’industrie : un impératif, pas une option », Ramses Gallego, Chief Technologist, Cybersecurity, DXC Technology revient sur la notion du Zero Trust et ce que la méthode apporte au secteur industriel. Avec ses milliers de systèmes interconnectés, le secteur industriel est aujourd’hui un secteur de plus en plus ciblé par […]

The post Cybersécurité et chaîne d’approvisionnement : un impératif stratégique de confiance first appeared on UnderNews.

Dans un environnement numérique en constante évolution, les cybermenaces et incidents IT exigent une double approche : renforcer la sécurité de vos systèmes tout en garantissant leur résilience. Sécuriser ses données, anticiper les attaques et assurer une reprise rapide en cas d’incident sont des points stratégiques. S’appuyer sur des dispositifs alliant cybersécurité proactive et stratégies de […]

The post Cybersécurité et bonne gestion des données : une composante clé d’une transformation digitale réussie first appeared on UnderNews.

Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more secure. But in practice, many teams struggle with the same basic problems they faced years ago: unclear risk priorities, misaligned tooling decisions, and difficulty explaining security issues in terms the business understands. These challenges do not

Two more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack. The workflows, both maintained by the supply chain security company Checkmarx, are listed below - checkmarx/ast-github-action checkmarx/kics-github-action Cloud security

Le 23 mars 2026, une vidéo publiée sur X par Claude a propulsé Dispatch sur le devant de la scène. Cette fonctionnalité de Cowork permet à l'IA d'Anthropic de travailler seule sur votre ordinateur pendant que vous lui donnez des ordres depuis votre téléphone. Lancée discrètement quelques jours plus tôt, elle est désormais au cœur de l'attention, et ce qu'Anthropic écrit en petites lettres sur la sécurité mérite qu'on s'y attarde.

A 26-year-old Russian citizen has been sentenced in the U.S. to 6.75 years (81 months) in prison for his role in assisting major cybercrime groups, including the Yanluowang ransomware crew, in conducting numerous attacks against U.S. companies and other organizations. According to the U.S. Department of Justice (DoJ), Aleksei Olegovich Volkov facilitated dozens of ransomware attacks across the

Citrix has released security updates to address two vulnerabilities in NetScaler ADC and NetScaler Gateway, including a critical flaw that could be exploited to leak sensitive data from the application. The vulnerabilities are listed below - CVE-2026-3055 (CVSS score: 9.3) - Insufficient input validation leading to memory overread CVE-2026-4368 (CVSS score: 7.7) - Race condition leading to user

OpenAI is rolling out a new feature called 'Library' for ChatGPT, which allows you to store your personal files or images on OpenAI's cloud storage, so you can reference those items in a future chat. [...]

Mazda Motor Corporation (Mazda) announced that information belonging to its employees and business partners had been exposed in a security incident detected last December. [...]

The Tycoon2FA phishing-as-a-service (PhaaS) platform that Europol and partners disrupted on March 4 has already returned to previously observed activity levels. [...]

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran. [...]

Popular anime streaming platform Crunchyroll is investigating a breach after hackers claimed to have stolen personal information for approximately 6.8 million people. [...]

The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code "tasks.json" to distribute malware is a relatively new tactic adopted by the threat actor since December 2025, with the attacks

Publication du 17e rapport annuel M-Trends de Mandiant, qui met en lumière les résultats de plus de 500 000 heures d’enquêtes sur les incidents en 2025. Principales conclusions du rapport M-Trends 2026 : Essor de l’ingénierie sociale vocale : le phishing vocal est devenu le deuxième vecteur d’infection initial le plus courant, reflétant une évolution vers des attaques […]

The post GCS : Rapport annuel M-Trends 2026 & annonces de la RSA Conference 2026 first appeared on UnderNews.

The TeamPCP hackers behind the Trivy supply-chain attack continued to target Aqua Security, pushing malicious Docker images and hijacking the company's GitHub organization to tamper with dozens of repositories. [...]