Industrialized ransomware alliance targets software supply chains and developers

The Vect ransomware group and the TeamPCP cybercriminal collective have formed a strategic partnership to industrialize the deployment of ransomware. This collaboration combines TeamPCP’s large-scale credential harvesting from software supply chains with Vect’s established ransomware-as-a-service infrastructure. Security researchers warn that this business-like model significantly lowers the barrier to entry for cybercriminals by automating complex attack pipelines.

Protecting the server lifecycle with quantum-safe management hardware

HPE has integrated post-quantum cryptography into its latest iLO management controllers to protect server firmware against future threats. The Gen12 hardware utilizes NIST-standardized algorithms, specifically Leighton-Micali Signatures and Module-Lattice-Based Digital Signature Algorithm, to secure the boot process. These mathematical approaches are designed to resist decryption attempts from quantum computers, addressing the "save now, decrypt later" strategy used by some adversaries.

FBI and Google dismantle NetNut proxy botnet hiding in smart TVs

The FBI and Google coordinated a global operation to disrupt NetNut, a massive residential proxy network that co-opted over two million consumer devices. This network, also tracked as the Popa botnet, primarily targeted Android-based smart TVs and streaming boxes through deceptive software development kits. These SDKs were often bundled into unofficial apps or inexpensive hardware, turning home internet connections into exit nodes for third-party traffic without meaningful user consent.

Research by Check Point reveals that automated AI tools have high false positive rates

Cybersecurity teams are experiencing a massive surge in security alerts as attackers utilize automated AI tools to scan for vulnerabilities at scale. Research from Check Point Software indicates that the proportion of critical risks has jumped from 18.7% to 42.6% within a single year. This rapid escalation has created an exposure gap where the volume of incoming reports far exceeds the manual assessment capacity of security personnel.

PamStealer is a new type of macOS malware

A new macOS infostealer named PamStealer is targeting users by masquerading as the legitimate open-source clipboard manager Maccy. The infection begins when a victim downloads a malicious disk image from a fraudulent website designed to mimic the official project page. This initial stage utilizes a clever AppleScript wrapper that executes hidden JavaScript for Automation to retrieve the final payload.

Google Cloud developer billed thousands despite automated account hijack warning

A developer faced over $11,000 in fraudulent charges after a compromised Firebase service account key triggered massive Gemini AI image-generation activity. Although Google’s automated systems suspended the account for abusive activity consistent with a hijack, the company’s billing department refused to waive the debt. The victim followed all recommended remediation steps, yet remains financially liable for the usage that occurred during the 48-hour breach.

Fedora 45 proposes hardware-enforced shadow stacks to block ROP exploits

Fedora 45 is considering a proposal to enable x86_64 Shadow Stack protection by default to enhance system security on modern processors. This hardware-assisted feature creates a hidden, isolated stack to store copies of return addresses for verification during function calls. By comparing these copies against the primary stack, the CPU can detect and block Return-Oriented Programming (ROP) attacks that attempt to hijack control flow.

Court documents reveal how Anthropic AI ethics sparked government clash

Newly released court documents detail a significant legal and ethical confrontation between Anthropic and the Pentagon regarding the military application of the Claude AI model. The dispute originated when Anthropic attempted to impose strict guardrails prohibiting its technology from being used for domestic surveillance or fully autonomous lethal weapons systems. Defense Department officials rejected these limitations, asserting that the military requires total flexibility to utilize artificial intelligence for all lawful national security operations.

Cisco Live Protect uses eBPF to shield Nexus switches without reboots

Cisco has introduced Live Protect for its Nexus infrastructure to address the critical "patching gap" that occurs between vulnerability discovery and software updates. This new feature allows data center operators to deploy real-time shields that mitigate specific security risks without requiring system reboots or scheduled downtime. By providing immediate protection against zero-day exploits, the solution helps maintain operational uptime while security teams prepare permanent software fixes.

Microsoft Purview unifies insider risk alerts and user context for faster triage

Microsoft has introduced a unified alert experience for Purview Insider Risk Management to streamline how security teams investigate potential internal threats. This update consolidates classic alerts and agent-generated insights into a single queue, eliminating the need to toggle between different views. Analysts can now preview AI-generated summaries and user details directly from the primary list to prioritize high-risk activities more effectively.

Cloudflare to block AI training crawlers by default on ad-supported sites

Cloudflare has announced a significant policy shift that will block "mixed-use" web crawlers from ad-supported pages by default starting September 15, 2026. This change targets bots that combine traditional search indexing with AI training or agentic functions, forcing providers to separate these activities. The update applies to all new Cloudflare customers, new sites from existing customers, and all users on the Free service tier.

US government got hacked

The Department of Homeland Security is investigating a significant breach of its Homeland Security Information Network (HSIN). This platform serves as a critical hub for federal, state, and local agencies to coordinate emergency responses and share sensitive intelligence. The unauthorized access reportedly occurred between late May and early June, potentially compromising data used for major event planning.

Autonomous AI agent JADEPUFFER automates end-to-end database ransomware attack

A newly discovered threat actor named JADEPUFFER has conducted what researchers believe is the first fully autonomous ransomware attack driven by an AI agent. The operation exploited CVE-2025-3248, a remote code execution vulnerability in Langflow, an open-source framework used to design large language model workflows. Once inside the environment, the AI agent performed reconnaissance, harvested cloud and API credentials, and established persistence without human intervention.

Google tests camera-based hand gesture reCAPTCHA to verify human users

Google is testing a new reCAPTCHA verification method that requires users to perform hand gestures in front of their webcams. The system utilizes machine learning to map 21 specific coordinates on the hand, including finger joints and palm geometry, to ensure a live person is present. This experimental feature is designed to combat automated fraud such as credential stuffing and bulk account creation by implementing liveness detection.

Google Chrome terminates Manifest V2 support in version 150

Google Chrome version 150 has officially removed support for Manifest V2 extensions, effectively disabling older ad blockers and tools. While initial expectations suggested this change would arrive with version 151, the transition occurred earlier than anticipated. This shift forces users to adopt Manifest V3 alternatives or seek different browser platforms to maintain specific extension functionalities.

Microsoft sets October 2026 support deadline for Windows 11 24H2 consumer editions

Microsoft has announced that Windows 11 version 24H2 Home and Pro editions will reach the end of servicing on October 13, 2026. After this date, these specific versions will no longer receive monthly security updates, technical support, or fixes for known issues. Systems running these editions must transition to a newer release to remain protected against emerging security threats.

Windows 11 version 26H2 enters testing as Kerberos hardening reaches final phase

Microsoft has launched Windows 11 version 26H2 for early validation through the Windows Insider Program, utilizing an enablement package for streamlined deployment. This update coincides with the general availability of point-in-time restore, a recovery feature that allows users to roll back devices to a previous state within minutes. Additionally, the Intune Enterprise Application Management platform now supports auto-updates, enabling managed applications to transition between incremental releases without manual admin intervention.

Managing local administrator passwords with Windows LAPS and Microsoft Intune

Microsoft Intune now integrates with the Windows Local Administrator Password Solution (LAPS) to manage local account security on enrolled devices. This integration utilizes the Windows LAPS Configuration Service Provider (CSP) to automate the management of local administrator accounts. Administrators can use these policies to enforce complex password requirements and ensure that local credentials are not reused across the fleet.

Palantir CEO Alex Karp slams closed-weight AI providers OpenAI and Anthropic

Palantir CEO Alex Karp has launched a scathing critique of the AI industry, labeling the current trajectory of Silicon Valley’s leading labs as "effing insane." He argues that enterprise customers are becoming increasingly livid over token-based pricing models that burn through budgets without delivering tangible business value. According to Karp, these proprietary systems act as a "wealth tax" that exploits corporate resources while failing to respect the operational needs of American business.
