What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-12-19 17:35:09 | SSH protège les réseaux les plus sensibles du monde.Ça devient beaucoup plus faible SSH protects the world\\'s most sensitive networks. It just got a lot weaker (lien direct) |
La nouvelle attaque de Terrapin utilise la troncature préfixe pour rétrograder la sécurité des canaux SSH.
Novel Terrapin attack uses prefix truncation to downgrade the security of SSH channels. |
Vulnerability | ★★★★ | |
|
2023-12-13 15:21:27 | Dans quelle mesure devrions-nous nous inquiéter de la fuite d'identification «AutoSpill» dans les gestionnaires de mots de passe Android? How worried should we be about the “AutoSpill” credential leak in Android password managers? (lien direct) |
Cette vulnérabilité nouvellement découverte est réelle, mais elle est plus nuancée que cela.
This newly discovered vulnerability is real, but it\'s more nuanced than that. |
Vulnerability Mobile | ★★ | |
|
2023-09-07 22:47:27 | Apple Patches «Clickless» Vulnérabilité de traitement d'image de 0 jour dans iOS, macOS Apple patches “clickless” 0-day image processing vulnerability in iOS, macOS (lien direct) |
Le bug "BlastPass" peut installer des logiciels malveillants sans interaction utilisateur.
"BLASTPASS" bug can install malware without user interaction. |
Malware Vulnerability | LastPass | ★★ |
|
2023-03-22 15:29:06 | La capture d'écran "Acropalypse" Android se transforme en une vulnérabilité Windows de 0 jour [“Acropalypse” Android screenshot bug turns into a 0-day Windows vulnerability] (lien direct) | Le bug non corrigé peut être exploité avec des versions modifiées des scripts Android.
Unpatched bug can be exploited with modified versions of the Android scripts. |
Vulnerability | ★★★★ | |
|
2022-06-04 15:14:24 | An actively exploited Microsoft 0-day flaw still doesn\'t have a patch (lien direct) | Microsoft downplays severity of vulnerability in all supported versions of Windows. | Vulnerability | ||
|
2022-05-12 20:51:07 | (Déjà vu) Zyxel silently patches command-injection vulnerability with 9.8 severity rating (lien direct) | Flaw makes it possible to install web shell to maintain control of affected devices. | Vulnerability | ||
|
2022-05-09 20:46:49 | Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating (lien direct) | Flaw in widely used gear from F5 executes root commands, no password necessary. | Vulnerability | ★★★★ | |
|
2022-05-03 21:15:39 | Gear from Netgear, Linksys, and 200 others has unpatched DNS poisoning flaw (lien direct) | Vulnerability in 3rd-party libraries can send devices users to malicious sites. | Vulnerability | ||
|
2022-04-05 00:14:44 | Zyxel patches critical vulnerability that can allow Firewall and VPN hijacks (lien direct) | Hackers can exploit authentication bypass flaw to gain administrative control. | Vulnerability | ||
|
2022-04-02 00:33:07 | Explaining Spring4Shell: The Internet security disaster that wasn\'t (lien direct) | Vulnerability in the Spring Java Framework is important, but it's no Log4Shell. | Vulnerability | ||
|
2022-02-11 19:07:07 | Apple fixes Mac battery drain, WebKit vulnerability in software updates (lien direct) | There's also a minor watchOS update today. | Vulnerability | ||
|
2022-01-24 23:20:39 | Dark Souls servers taken down following discovery of critical vulnerability (lien direct) | No interaction required. "I didn't even know that shit was possible," pwned player says. | Vulnerability | ||
|
2022-01-06 14:59:34 | 5 months on, Apple has yet to fix iOS bug that sends devices into a crash spiral (lien direct) | Denial-of-service vulnerability can be triggered by sending a malicious HomeKit invite. | Vulnerability | ||
|
2021-12-15 21:40:54 | Patch fixing critical Log4J 0-day has its own vulnerability that\'s under exploit (lien direct) | If you've patched using Log4J 2.15.0, it's time to update again. Stat! | Vulnerability | ||
|
2021-12-10 18:44:13 | The Internet\'s biggest players are all affected by critical Log4Shell 0-day (lien direct) | Seeing is believing. Critical Log4j vulnerability is an Internet-wide threat. | Vulnerability | ||
|
2021-12-10 04:35:22 | Minecraft and other apps face serious threat from Log4j code execution bug (lien direct) | Vulnerability in Log4j could pose a threat to all kinds of open source apps. | Vulnerability Threat | ||
|
2021-12-01 13:24:20 | Thousands of AT&T customers in the US infected by new data-stealing malware (lien direct) | Malware exploits 2017 vulnerability in a widely used network edge device. | Malware Vulnerability | ||
|
2019-05-14 18:10:05 | New speculative execution bug leaks data from Intel chips\' internal buffers (lien direct) | Intel-specific vulnerability was found by researchers both inside and outside the company. | Vulnerability |
1
We have: 18 articles.
We have: 18 articles.
To see everything:
Our RSS (filtrered)
