Spanish and Ukrainian law enforcement authorities dismantled a criminal ring that exploited war-displaced Ukrainian women to run an online gambling scheme that laundered nearly €4.75 million in illicit proceeds. [...]

Some weeks in cybersecurity feel routine. This one doesn’t. Several new developments surfaced over the past few days, showing how quickly the threat landscape keeps shifting. Researchers uncovered fresh activity, security teams shared new findings, and a few unexpected moves from major tech companies also drew attention. Together, these updates offer a useful snapshot of what is happening

Most organizations assume encrypted data is safe. But many attackers are already preparing for a future where today’s encryption can be broken. Instead of trying to decrypt information now, they are collecting encrypted data and storing it so it can be decrypted later using quantum computers. This tactic—known as “harvest now, decrypt later”—means sensitive data transmitted today could become

À l’approche des élections municipales les 15 et 22 mars prochains, la cybersécurité des mairies quitte la sphère purement technique pour s’inviter au cœur du débat démocratique. Les vagues de cyberattaques contre les collectivités françaises ont prouvé que la vulnérabilité d’un système d’information n’est plus un simple aléa administratif mais un risque politique réel, capable […]

The post Élections municipales 2026 : la cyber-résilience, pilier de la confiance et du service public first appeared on UnderNews.

Photos, vidéos, documents administratifs et captures d’écran occupent rapidement l’espace de stockage d’un téléphone. L’accumulation se fait souvent sans que l’on y prête attention. Quelques mois d’utilisation suffisent pour que la mémoire interne se remplisse et que certaines fonctions deviennent plus lentes. Libérer de l’espace ne signifie pourtant pas effacer des souvenirs précieux ou supprimer […]

The post Réduire le poids des fichiers sur son téléphone sans perdre ses souvenirs first appeared on UnderNews.

Le 8 mars marque la Journée internationale des droits des femmes. Ce rendez-vous a pour objectif de mettre en avant la lutte pour l’égalité et la réduction des disparités de genre. Alors que le monde des technologies présente traditionnellement une prédominance de profils masculins, cette journée représente une opportunité pour encourager la mixité au sein […]

The post Journée internationale des droits des femmes : la visibilité pour une plus grande inclusion first appeared on UnderNews.

À mesure que l’intelligence artificielle devient autonome, la question de la confiance numérique change d’échelle. Selon le dernier Digital Trust Digest de Keyfactor, consacré à l’identité à l’ère de l’IA, les entreprises déploient des agents autonomes plus vite qu’elles ne sont capables de les gérer et de les sécuriser. Tribune Keyfactor – L’étude met en […]

The post IA autonome & identité numérique : 7 enseignements clés pour les entreprises first appeared on UnderNews.

A suspected Iran-nexus threat actor has been attributed to a campaign targeting government officials in Iraq by impersonating the country's Ministry of Foreign Affairs to deliver a set of never-before-seen malware. Zscaler ThreatLabz, which observed the activity in January 2026, is tracking the cluster under the name Dust Specter. The attacks, which manifest in the form of two different

Organizations typically roll out multi-factor authentication (MFA) and assume stolen passwords are no longer enough to access systems. In Windows environments, that assumption is often wrong. Attackers still compromise networks every day using valid credentials. The issue is not MFA itself, but coverage.  Enforced through an identity provider (IdP) such as Microsoft Entra ID, Okta, or

Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow. "The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning border crossing appeals

​Cisco has flagged two Catalyst SD-WAN Manager security flaws as actively exploited in the wild, urging administrators to upgrade vulnerable devices. [...]

A Russian national pleaded guilty to a wire fraud conspiracy charge related to his role in administering the Phobos ransomware operation, which breached hundreds of victims worldwide. [...]

Tycoon 2FA, one of the prominent phishing-as-a-service (PhaaS) toolkits that allowed cybercriminals to stage adversary-in-the-middle (AitM) credential harvesting attacks at scale, was dismantled by a coalition of law enforcement agencies and security companies. The subscription-based phishing kit, which first emerged in August 2023, was described by Europol as one of the largest phishing

A joint law enforcement operation has dismantled LeakBase, one of the world's largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools. The LeakBase forum, per the U.S. Department of Justice (DoJ), had over 142,000 members and more than 215,000 messages between members as of December 2025. Those attempting to access the forum's website ("leakbase[.]la") are now

The education sector is notoriously short on cash, but rich in assets for threat actors to target. How can managed detection and response (MDR) help learning institutions regain the initiative?

Bitwarden announced support for logging into Windows 11 devices using passkeys stored in the manager's vault, enabling phishing-resistant authentication. [...]

Cybersecurity researchers have warned of a surge in retaliatory hacktivist activity following the U.S.-Israel coordinated military campaign against Iran, codenamed Epic Fury and Roaring Lion. "The hacktivist threat in the Middle East is highly lopsided, with two groups, Keymous+ and DieNet, driving nearly 70% of all attack activity between February 28 and March 2," Radware said in a Tuesday

A maximum severity vulnerability in the FreeScout helpdesk platform allows hackers to achieve remote code execution without any user interaction or authentication. [...]

Microsoft has released the KB5075039 Windows Recovery Environment update for Windows 10 to fix a long-standing issue that prevented some users from accessing the Recovery environment. [...]