This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T12:05:07+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain Ascension, one of the largest private healthcare systems in the United States, has revealed that a data breach disclosed last month affects the personal and healthcare information of over 430,000 patients. [...]]]> 2025-05-09T14:48:15+00:00 https://www.bleepingcomputer.com/news/security/ascension-says-recent-data-breach-affects-over-430-000-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8673808 False Data Breach,Medical None None Bleeping Computer - Magazine Américain The FBI warns that threat actors are deploying malware on end-of-life (EoL) routers to convert them into proxies sold on the 5Socks and Anyproxy networks. [...]]]> 2025-05-08T18:15:39+00:00 https://www.bleepingcomputer.com/news/security/fbi-end-of-life-routers-hacked-for-cybercrime-proxy-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8673429 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain An npm package named \'rand-user-agent\' has been compromised in a supply chain attack to inject obfuscated code that activates a remote access trojan (RAT) on the user\'s system. [...]]]> 2025-05-08T15:03:24+00:00 https://www.bleepingcomputer.com/news/security/supply-chain-attack-hits-npm-package-with-45-000-weekly-downloads/ www.secnews.physaphae.fr/article.php?IdArticle=8673394 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A malicious Python package targeting Discord developers with remote access trojan (RAT) malware was spotted on the Python Package Index (PyPI) after more than three years. [...]]]> 2025-05-08T14:51:14+00:00 https://www.bleepingcomputer.com/news/security/malicious-pypi-package-hides-rat-malware-targets-discord-devs-since-2022/ www.secnews.physaphae.fr/article.php?IdArticle=8673352 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Venture capital firm Insight Partners has confirmed that sensitive data for employees and limited partners was stolen in a January 2025 cyberattack. [...]]]> 2025-05-08T11:01:39+00:00 https://www.bleepingcomputer.com/news/security/vc-giant-insight-partners-confirms-investor-data-stolen-in-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8673264 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. [...]]]> 2025-05-08T09:39:15+00:00 https://www.bleepingcomputer.com/news/security/google-links-new-lostkeys-data-theft-malware-to-russian-cyberspies/ www.secnews.physaphae.fr/article.php?IdArticle=8673236 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump. [...]]]> 2025-05-07T20:06:32+00:00 https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-hacked-victim-negotiations-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8672984 False Ransomware,Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain PowerSchool is warning that the hacker behind its December cyberattack is now individually extorting schools, threatening to release the previously stolen student and teacher data if a ransom is not paid. [...]]]> 2025-05-07T14:25:39+00:00 https://www.bleepingcomputer.com/news/security/powerschool-hacker-now-extorting-individual-school-districts/ www.secnews.physaphae.fr/article.php?IdArticle=8672894 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. [...]]]> 2025-05-07T10:45:19+00:00 https://www.bleepingcomputer.com/news/security/play-ransomware-exploited-windows-logging-flaw-in-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8672809 False Ransomware,Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A U.S. federal jury has ordered Israeli spyware vendor NSO Group to pay WhatsApp $167,254,000 in punitive damages and $444,719 in compensatory damages for a 2019 campaign that targeted 1,400 users of the communication app. [...]]]> 2025-05-07T10:09:33+00:00 https://www.bleepingcomputer.com/news/legal/nso-group-fined-167m-for-spyware-attacks-on-1-400-whatsapp-users/ www.secnews.physaphae.fr/article.php?IdArticle=8672781 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Passwords alone aren\'t cutting it-31% of breaches involve stolen credentials. Learn from Specops Software about how Universal 2nd Factor (U2F) and strong password policies can work together to keep your organization secure. [...]]]> 2025-05-07T10:02:12+00:00 https://www.bleepingcomputer.com/news/security/doubling-down-how-universal-2nd-factor-u2f-boosts-online-security/ www.secnews.physaphae.fr/article.php?IdArticle=8672782 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. [...]]]> 2025-05-06T13:10:23+00:00 https://www.bleepingcomputer.com/news/security/samsung-magicinfo-9-server-rce-flaw-now-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8672397 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitigations as soon as possible. [...]]]> 2025-05-06T12:05:10+00:00 https://www.bleepingcomputer.com/news/security/critical-langflow-rce-flaw-exploited-to-hack-ai-app-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8672356 False Hack,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain You can\'t protect what you can\'t see. From shadow IT to supplier risk, modern attack surfaces are sprawling fast - and External Attack Surface Management (EASM) is how security teams take back control. Learn from Outpost24 how EASM powers proactive digital risk protection. [...]]]> 2025-05-06T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/why-easm-is-vital-to-modern-digital-risk-protection/ www.secnews.physaphae.fr/article.php?IdArticle=8672309 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain Google has released the May 2025 security updates for Android with fixes for 45 security flaws, including an actively exploited zero-click FreeType 2 code execution vulnerability. [...]]]> 2025-05-06T09:33:38+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-actively-exploited-freetype-flaw-on-android/ www.secnews.physaphae.fr/article.php?IdArticle=8672310 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. [...]]]> 2025-05-06T05:13:16+00:00 https://www.bleepingcomputer.com/news/security/linux-wiper-malware-hidden-in-malicious-go-modules-on-github/ www.secnews.physaphae.fr/article.php?IdArticle=8672212 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The data-theft extortion group known as Luna Moth, aka Silent Ransom Group, has ramped up callback phishing campaigns in attacks on legal and financial institutions in the United States. [...]]]> 2025-05-05T18:19:42+00:00 https://www.bleepingcomputer.com/news/security/luna-moth-extortion-hackers-pose-as-it-help-desks-to-breach-us-firms/ www.secnews.physaphae.fr/article.php?IdArticle=8672034 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A new "Bring Your Own Installer" EDR bypass technique is exploited in attacks to bypass SentinelOne\'s tamper protection feature, allowing threat actors to disable endpoint detection and response (EDR) agents to install the Babuk ransomware. [...]]]> 2025-05-05T16:28:34+00:00 https://www.bleepingcomputer.com/news/security/new-bring-your-own-installer-edr-bypass-used-in-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8671996 False Ransomware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain TeleMessage, an Israeli company that sells an unofficial Signal message archiving tool used by some U.S. government officials, has suspended all services after reportedly being hacked. [...]]]> 2025-05-05T15:11:17+00:00 https://www.bleepingcomputer.com/news/security/unofficial-signal-app-used-by-trump-officials-investigates-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8671977 False Hack,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain Following three high-profile cyberattacks impacting major UK retailers, the country\'s National Cyber Security Centre (NCSC) has published guidance that all companies are advised to follow to strengthen their cybersecurity defenses. [...]]]> 2025-05-05T11:19:18+00:00 https://www.bleepingcomputer.com/news/security/uk-shares-security-tips-after-major-retail-cyberattacks/ www.secnews.physaphae.fr/article.php?IdArticle=8671891 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The creators of StealC, a widely-used information stealer and malware downloader, have released its second major version, bringing multiple stealth and data theft enhancements. [...]]]> 2025-05-04T10:11:21+00:00 https://www.bleepingcomputer.com/news/security/stealc-malware-enhanced-with-stealth-upgrades-and-data-theft-tools/ www.secnews.physaphae.fr/article.php?IdArticle=8671473 False Malware,Tool None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has announced that it will discontinue the password storage and autofill feature in the Authenticator app starting in July and will complete the deprecation in August 2025. [...]]]> 2025-05-03T10:16:26+00:00 https://www.bleepingcomputer.com/news/security/microsoft-ends-authenticator-password-autofill-moves-users-to-edge/ www.secnews.physaphae.fr/article.php?IdArticle=8671176 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The Co-op cyberattack is far worse than initially reported, with the company now confirming that data was stolen for a significant number of current and past customers. [...]]]> 2025-05-02T15:52:50+00:00 https://www.bleepingcomputer.com/news/security/co-op-confirms-data-theft-after-dragonforce-ransomware-claims-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8670716 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational. [...]]]> 2025-05-02T14:09:55+00:00 https://www.bleepingcomputer.com/news/security/magento-supply-chain-attack-compromises-hundreds-of-e-stores/ www.secnews.physaphae.fr/article.php?IdArticle=8670693 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The United Kingdom\'s National Cyber Security Centre warned that ongoing cyberattacks impacting multiple UK retail chains should be taken as a "wake-up call." [...]]]> 2025-05-02T09:57:31+00:00 https://www.bleepingcomputer.com/news/security/uk-ncsc-cyberattacks-impacting-uk-retailers-are-a-wake-up-call/ www.secnews.physaphae.fr/article.php?IdArticle=8670590 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has announced that all new Microsoft accounts will be "passwordless by default" to secure them against password attacks such as phishing, brute force, and credential stuffing. [...]]]> 2025-05-02T03:21:24+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-makes-all-new-accounts-passwordless-by-default/ www.secnews.physaphae.fr/article.php?IdArticle=8670460 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain A China-aligned APT threat actor named "TheWizards" abuses an IPv6 networking feature to launch adversary-in-the-middle (AitM) attacks that hijack software updates to install Windows malware. [...]]]> 2025-04-30T20:33:42+00:00 https://www.bleepingcomputer.com/news/security/hackers-abuse-ipv6-networking-feature-to-hijack-software-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8670063 False Malware,Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain A new malware campaign targeting WordPress sites employs a malicious plugin disguised as a security tool to trick users into installing and trusting it. [...]]]> 2025-04-30T17:05:46+00:00 https://www.bleepingcomputer.com/news/security/wordpress-plugin-disguised-as-a-security-tool-injects-backdoor/ www.secnews.physaphae.fr/article.php?IdArticle=8670045 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn\'t gain access to customer backup data. [...]]]> 2025-04-30T12:20:53+00:00 https://www.bleepingcomputer.com/news/security/commvault-says-recent-breach-didnt-impact-customer-backup-data/ www.secnews.physaphae.fr/article.php?IdArticle=8670007 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain British supermarket chain Co-op Food has confirmed to BleepingComputer via a statement that it has suffered limited operational disruption as it responds to a cyberattack. [...]]]> 2025-04-30T10:12:54+00:00 https://www.bleepingcomputer.com/news/security/uk-retailer-co-op-shuts-down-some-it-systems-after-hack-attempt/ www.secnews.physaphae.fr/article.php?IdArticle=8669968 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain ​Ascension, one of the largest private healthcare systems in the United States, is notifying patients that their personal and health information was stolen in a December 2024 data theft attack, which affected a former business partner. [...]]]> 2025-04-30T09:21:31+00:00 https://www.bleepingcomputer.com/news/security/ascension-discloses-new-data-breach-after-third-party-hacking-incident/ www.secnews.physaphae.fr/article.php?IdArticle=8669969 False Data Breach,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain South Korean mobile provider SK Telecom has announced free SIM card replacements to its 25 million mobile customers following a recent USIM data breach, but only 6 million cards are available through May. [...]]]> 2025-04-29T12:49:53+00:00 https://www.bleepingcomputer.com/news/security/sk-telecom-cyberattack-free-sim-replacements-for-25-million-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8669552 False Data Breach,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s Threat Intelligence Group (GTIG) says attackers exploited 75 zero-day vulnerabilities in the wild last year, over 50% of which were linked to spyware attacks. [...]]]> 2025-04-29T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-97-zero-days-exploited-in-2024-over-50-percent-in-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8669519 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as "Scattered Spider" BleepingComputer has learned from multiple sources. [...]]]> 2025-04-28T16:28:54+00:00 https://www.bleepingcomputer.com/news/security/marks-and-spencer-breach-linked-to-scattered-spider-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8669157 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Hitachi Vantara, a subsidiary of Japanese multinational conglomerate Hitachi, was forced to take servers offline over the weekend to contain an Akira ransomware attack. [...]]]> 2025-04-28T15:39:09+00:00 https://www.bleepingcomputer.com/news/security/hitachi-vantara-takes-servers-offline-after-akira-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8669140 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Employee benefits administration firm VeriSource Services is warning that a data breach exposed the personal information of four million people.  [...]]]> 2025-04-28T13:54:47+00:00 https://www.bleepingcomputer.com/news/security/verisource-now-says-february-data-breach-impacts-4-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8669096 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised. [...]]]> 2025-04-27T14:21:15+00:00 https://www.bleepingcomputer.com/news/security/coinbase-fixes-2fa-log-error-making-people-think-they-were-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=8668642 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. [...]]]> 2025-04-25T15:44:35+00:00 https://www.bleepingcomputer.com/news/security/craft-cms-rce-exploit-chain-used-in-zero-day-attacks-to-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8667814 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain African mobile giant MTN Group announced that a cybersecurity incident has compromised the personal information of some of its subscribers in certain countries. [...]]]> 2025-04-25T10:57:05+00:00 https://www.bleepingcomputer.com/news/security/mobile-provider-mtn-says-cyberattack-compromised-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8667701 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain ​Baltimore City Public Schools notified tens of thousands of employees and students of a data breach following an incident in February when unknown attackers hacked into its network. [...]]]> 2025-04-25T10:06:23+00:00 https://www.bleepingcomputer.com/news/security/baltimore-city-public-schools-data-breach-affects-over-31-000-people/ www.secnews.physaphae.fr/article.php?IdArticle=8667678 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain In a recent espionage campaign, the infamous North Korean threat group Lazarus targeted multiple organizations in the software, IT, finance, and telecommunications sectors in South Korea. [...]]]> 2025-04-24T15:13:32+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-breach-six-companies-in-watering-hole-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8667329 False Threat APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain ​A ransomware attack in January at Frederick Health Medical Group, a major healthcare provider in Maryland, has led to a data breach affecting nearly one million patients. [...]]]> 2025-04-24T12:19:14+00:00 https://www.bleepingcomputer.com/news/security/frederick-health-data-breach-impacts-nearly-1-million-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8667270 False Ransomware,Data Breach,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft announced an increase in bug bounty payouts to $30,000 for AI vulnerabilities found in Dynamics 365 and Power Platform services and products. [...]]]> 2025-04-24T11:06:59+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-now-pays-up-to-30-000-for-some-ai-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8667240 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft announced an increase in bug bounty payouts to $30,000 for AI vulnerabilities found in Dynamics 365 and Power Platform services and products. [...]]]> 2025-04-24T11:06:59+00:00 https://www.bleepingcomputer.com/news/microsoft/Microsoft now pays up to $30,000 for some AI vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8667210 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The Interlock ransomware gang has claimed the cyberattack on DaVita kidney dialysis firm and leaked data allegedly stolen from the organization. [...]]]> 2025-04-24T10:59:00+00:00 https://www.bleepingcomputer.com/news/security/interlock-ransomware-claims-davita-attack-leaks-stolen-data/ www.secnews.physaphae.fr/article.php?IdArticle=8667211 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Yale New Haven Health (YNHHS) is warning that threat actors stole the personal data of 5.5 million patients in a cyberattack earlier this month. [...]]]> 2025-04-24T10:12:24+00:00 https://www.bleepingcomputer.com/news/security/yale-new-haven-health-data-breach-affects-55-million-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8667212 False Data Breach,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. [...]]]> 2025-04-23T14:30:17+00:00 https://www.bleepingcomputer.com/news/security/russian-army-targeted-by-new-android-malware-hidden-in-mapping-app/ www.secnews.physaphae.fr/article.php?IdArticle=8666788 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Blue Shield of California disclosed it suffered a data breach after exposing protected health information of 4.7 million members to Google\'s analytics and advertisement platforms. [...]]]> 2025-04-23T11:38:37+00:00 https://www.bleepingcomputer.com/news/security/blue-shield-of-california-leaked-health-data-of-47-million-members-to-google/ www.secnews.physaphae.fr/article.php?IdArticle=8666714 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Phishing attacks now evade email filters, proxies, and MFA - making every attack feel like a zero-day. This article from Push Security breaks down why detection is failing and how real-time, in-browser analysis can help turn the tide. [...]]]> 2025-04-23T10:02:12+00:00 https://www.bleepingcomputer.com/news/security/phishing-detection-is-broken-why-most-attacks-feel-like-a-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8666689 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain South Korea\'s largest mobile operator, SK Telecom, is warning that a malware infection allowed threat actors to access sensitive USIM-related information for customers. [...]]]> 2025-04-22T14:26:59+00:00 https://www.bleepingcomputer.com/news/security/sk-telecom-warns-customer-usim-data-exposed-in-malware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8666284 False Malware,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain The recommended Ripple cryptocurrency NPM JavaScript library named "xrpl.js" was compromised to steal XRP wallet seeds and private keys and transfer them to an attacker-controlled server, allowing threat actors to steal all the funds stored in the wallets. [...]]]> 2025-04-22T12:45:04+00:00 https://www.bleepingcomputer.com/news/security/ripples-recommended-xrp-library-xrpljs-hacked-to-steal-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8666239 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A proof-of-concept attack called "Cookie-Bite" uses a browser extension to steal browser session cookies from Azure Entra ID to bypass multi-factor authentication (MFA) protections and maintain access to cloud services like Microsoft 365, Outlook, and Teams. [...]]]> 2025-04-22T11:02:35+00:00 https://www.bleepingcomputer.com/news/security/cookie-bite-attack-poc-uses-chrome-extension-to-steal-session-tokens/ www.secnews.physaphae.fr/article.php?IdArticle=8666183 False Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that seemed delivered from Google\'s systems, passing all verifications but pointing to a fraudulent page that collected logins. [...]]]> 2025-04-20T13:31:13+00:00 https://www.bleepingcomputer.com/news/security/phishers-abuse-google-oauth-to-spoof-google-in-dkim-replay-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8665678 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia utilizing the tactic to breach networks. [...]]]> 2025-04-20T10:14:24+00:00 https://www.bleepingcomputer.com/news/security/state-sponsored-hackers-embrace-clickfix-social-engineering-tactic/ www.secnews.physaphae.fr/article.php?IdArticle=8665679 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware-as-a-service (MaaS) platform named \'SuperCard X\' has emerged, targeting Android devices via NFC relay attacks that enable point-of-sale and ATM transactions using compromised payment card data. [...]]]> 2025-04-19T11:17:28+00:00 https://www.bleepingcomputer.com/news/security/supercard-x-android-malware-use-stolen-cards-in-nfc-relay-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8665015 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy file-encrypting malware on devices. [...]]]> 2025-04-18T13:44:40+00:00 https://www.bleepingcomputer.com/news/security/interlock-ransomware-gang-pushes-fake-it-tools-in-clickfix-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8664573 False Ransomware,Malware,Tool None 3.0000000000000000 Bleeping Computer - Magazine Américain Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. [...]]]> 2025-04-18T09:43:58+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-target-russian-govt-with-upgraded-rat-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8664499 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers don\'t break in-they log in. Credential-based attacks now fuel nearly half of all breaches. Learn how to scan your Active Directory for compromised passwords and stop attackers before they strike. [...]]]> 2025-04-18T09:33:08+00:00 https://www.bleepingcomputer.com/news/security/7-steps-to-take-after-a-credential-based-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8664500 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Entertainment venue management firm Legends International warns it suffered a data breach in November 2024, which has impacted employees and people who visited venues under its management. [...]]]> 2025-04-17T16:51:18+00:00 https://www.bleepingcomputer.com/news/security/entertainment-services-giant-legends-international-discloses-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8664213 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. [...]]]> 2025-04-17T15:20:39+00:00 https://www.bleepingcomputer.com/news/security/windows-ntlm-hash-leak-flaw-exploited-in-phishing-attacks-on-governments/ www.secnews.physaphae.fr/article.php?IdArticle=8664194 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. [...]]]> 2025-04-17T10:49:09+00:00 https://www.bleepingcomputer.com/news/security/ahold-delhaize-confirms-data-theft-after-inc-ransomware-claims-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8664085 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain On Wednesday, CISA warned of heightened breach risks after the compromise of legacy Oracle Cloud servers earlier this year and highlighted the significant threat to enterprise networks. [...]]]> 2025-04-17T07:23:16+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-increased-breach-risks-following-oracle-cloud-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8664015 False Threat,Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain Over 16,000 internet-exposed Fortinet devices have been detected as compromised with a new symlink backdoor that allows read-only access to sensitive files on previously compromised devices. [...]]]> 2025-04-16T16:47:04+00:00 https://www.bleepingcomputer.com/news/security/over-16-000-fortinet-devices-compromised-with-symlink-backdoor/ www.secnews.physaphae.fr/article.php?IdArticle=8663736 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Your dashboards say you\'re secure-but 41% of threats still get through. Picus Security\'s Adversarial Exposure Validation uncovers what your stack is missing with continuous attack simulations and automated pentesting. [...]]]> 2025-04-16T10:02:12+00:00 https://www.bleepingcomputer.com/news/security/41-percent-of-attacks-bypass-defenses-adversarial-exposure-validation-fixes-that/ www.secnews.physaphae.fr/article.php?IdArticle=8663575 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Russian state-sponsored espionage group Midnight Blizzard is behind a new spear-phishing campaign targeting diplomatic entities in Europe, including embassies. [...]]]> 2025-04-15T16:25:57+00:00 https://www.bleepingcomputer.com/news/security/midnight-blizzard-deploys-new-grapeloader-malware-in-embassy-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8663228 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. [...]]]> 2025-04-15T14:33:57+00:00 https://www.bleepingcomputer.com/news/security/landmark-admin-data-breach-impact-now-reaches-16-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8663193 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain 4chan, a notorious online forum, was taken offline earlier today after what appears to be a significant hack and has since been loading intermittently. [...]]]> 2025-04-15T14:13:46+00:00 https://www.bleepingcomputer.com/news/security/infamous-message-board-4chan-taken-down-following-major-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8663194 False Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain Google is rolling out a new security mechanism on Android devices that will automatically reboot locked, unused devices after three consecutive days of inactivity, restoring memory to an encrypted state. [...]]]> 2025-04-15T09:54:57+00:00 https://www.bleepingcomputer.com/news/security/google-adds-android-auto-reboot-to-block-forensic-data-extractions/ www.secnews.physaphae.fr/article.php?IdArticle=8663100 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. [...]]]> 2025-04-14T19:16:03+00:00 https://www.bleepingcomputer.com/news/security/hertz-confirms-customer-info-drivers-licenses-stolen-in-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8662867 False Data Breach,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new remote access trojan (RAT) called \'ResolverRAT\' is being used against organizations globally, with the malware used in recent attacks targeting the healthcare and pharmaceutical sectors. [...]]]> 2025-04-14T12:40:23+00:00 https://www.bleepingcomputer.com/news/security/new-resolverrat-malware-targets-pharma-and-healthcare-orgs-worldwide/ www.secnews.physaphae.fr/article.php?IdArticle=8662760 False Malware,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain Kidney dialysis firm DaVita disclosed Monday it suffered a weekend ransomware attack that encrypted parts of its network and impacted some of its operations. [...]]]> 2025-04-14T10:20:25+00:00 https://www.bleepingcomputer.com/news/security/kidney-dialysis-firm-davita-hit-by-weekend-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8662720 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Security shouldn\'t wait until the end of development. Wazuh brings real-time threat detection, compliance, and vulnerability scanning into your DevOps pipeline-powering a stronger DevSecOps strategy from day one. Learn more about how Wazuh can help secure your development cycle. [...]]]> 2025-04-14T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/enhancing-your-devsecops-with-wazuh-the-open-source-xdr-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8662721 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain OpenAI is working on yet another AI model, reportedly called GPT-4.1, a successor to GPT-4o. [...]]]> 2025-04-12T12:09:43+00:00 https://www.bleepingcomputer.com/news/artificial-intelligence/leak-confirms-openais-gpt-41-is-coming-before-gpt-50/ www.secnews.physaphae.fr/article.php?IdArticle=8662130 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Western Sydney University (WSU) announced two security incidents that exposed personal information belonging to members of its community. [...]]]> 2025-04-11T12:29:52+00:00 https://www.bleepingcomputer.com/news/security/western-sydney-university-discloses-security-breaches-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8661800 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was patched. [...]]]> 2025-04-11T12:08:54+00:00 https://www.bleepingcomputer.com/news/security/fortinet-hackers-retain-access-to-patched-fortigate-vpns-using-symlinks/ www.secnews.physaphae.fr/article.php?IdArticle=8661801 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Laboratory Services Cooperative (LSC) has released a statement informing it suffered a data breach where hackers stole sensitive information of roughly 1.6 million people from its systems. [...]]]> 2025-04-11T09:23:18+00:00 https://www.bleepingcomputer.com/news/security/us-lab-testing-provider-exposed-health-data-of-16-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8661751 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Fourlis Group, the operator of IKEA stores in Greece, Cyprus, Romania, and Bulgaria, has informed that the ransomware attack it suffered just before Black Friday on November 27, 2024, caused losses estimated to €20 million ($22.8M). [...]]]> 2025-04-11T08:24:37+00:00 https://www.bleepingcomputer.com/news/security/ransomware-attack-cost-ikea-operator-in-eastern-europe-23-million/ www.secnews.physaphae.fr/article.php?IdArticle=8661729 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain The Russian state-backed hacking group Gamaredon (aka "Shuckworm") has been targeting a military mission of a Western country in Ukraine in attacks likely deployed from removable drives. [...]]]> 2025-04-10T10:23:04+00:00 https://www.bleepingcomputer.com/news/security/russian-hackers-attack-western-military-mission-using-malicious-drive/ www.secnews.physaphae.fr/article.php?IdArticle=8661405 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Sensata Technologies (known as Sensata) has suffered a ransomware attack last weekend that encrypted parts of the company network and disrupted operations. [...]]]> 2025-04-10T09:23:34+00:00 https://www.bleepingcomputer.com/news/security/sensata-technologies-hit-by-ransomware-attack-impacting-operations/ www.secnews.physaphae.fr/article.php?IdArticle=8661386 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Oracle finally confirmed in email notifications sent to customers that a hacker stole and leaked credentials that were stolen from what it described as "two obsolete servers." [...]]]> 2025-04-09T15:12:51+00:00 https://www.bleepingcomputer.com/news/security/oracle-says-obsolete-servers-hacked-denies-cloud-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8661217 False Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploited a vulnerability in Gladinet CentreStack\'s secure file-sharing software as a zero-day since March to breach storage servers [...]]]> 2025-04-09T11:38:30+00:00 https://www.bleepingcomputer.com/news/security/centrestack-rce-exploited-as-zero-day-to-breach-file-sharing-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8661172 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain In follow-up activity for Operation Endgame, law enforcement tracked down Smokeloader botnet\'s customers and detained at least five individuals. [...]]]> 2025-04-09T09:33:56+00:00 https://www.bleepingcomputer.com/news/security/police-detains-smokeloader-malware-customers-seizes-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8661146 False Malware,Legislation None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims\' computers to both mine and steal cryptocurrency. [...]]]> 2025-04-08T16:53:33+00:00 https://www.bleepingcomputer.com/news/security/fake-microsoft-office-add-in-tools-push-malware-via-sourceforge/ www.secnews.physaphae.fr/article.php?IdArticle=8661012 False Malware,Tool,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Unknown attackers who breached the Treasury\'s Office of the Comptroller of the Currency (OCC) in June 2023 gained access to over 150,000 emails. [...]]]> 2025-04-08T13:29:23+00:00 https://www.bleepingcomputer.com/news/security/hackers-lurked-in-treasury-occs-systems-since-june-2023-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8660985 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The dark web leak site of the Everest ransomware gang has apparently been hacked over the weekend by an unknown attacker and is now offline. [...]]]> 2025-04-07T14:30:26+00:00 https://www.bleepingcomputer.com/news/security/everest-ransomwares-dark-web-leak-site-defaced-now-offline/ www.secnews.physaphae.fr/article.php?IdArticle=8660797 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has released patches for 62 vulnerabilities in Android\'s April 2025 security update, including two zero-days exploited in targeted attacks. [...]]]> 2025-04-07T13:55:51+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-android-zero-days-exploited-in-attacks-60-other-flaws/ www.secnews.physaphae.fr/article.php?IdArticle=8660788 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain US food giant WK Kellogg Co is warning employees and vendors that company data was stolen during the 2024 Cleo data theft attacks. [...]]]> 2025-04-07T11:56:51+00:00 https://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8660766 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Coinbase is fixing an incorrect account activity message that freaks out customers and makes them think their credentials were compromised. [...]]]> 2025-04-05T11:36:45+00:00 https://www.bleepingcomputer.com/news/security/coinbase-to-fix-2fa-account-activity-entry-freaking-out-users/ www.secnews.physaphae.fr/article.php?IdArticle=8660431 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Port of Seattle, the U.S. government agency overseeing Seattle\'s seaport and airport, is notifying roughly 90,000 individuals of a data breach after their personal information was stolen in an August 2024 ransomware attack. [...]]]> 2025-04-04T13:26:38+00:00 https://www.bleepingcomputer.com/news/security/port-of-seattle-says-ransomware-breach-impacts-90-000-people/ www.secnews.physaphae.fr/article.php?IdArticle=8660288 False Ransomware,Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain A hacker breached the GitLab repositories of multinational car-rental company Europcar Mobility Group and stole source code for Android and iOS applications, as well as some personal information belonging to up to 200,000 users. [...]]]> 2025-04-04T10:07:21+00:00 https://www.bleepingcomputer.com/news/security/europcar-gitlab-breach-exposes-data-of-up-to-200-000-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8660261 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. [...]]]> 2025-04-03T13:43:34+00:00 https://www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/ www.secnews.physaphae.fr/article.php?IdArticle=8660092 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The State Bar of Texas is warning it suffered a data breach after the INC ransomware gang claimed to have breached the organization and began leaking samples of stolen data. [...]]]> 2025-04-03T11:43:17+00:00 https://www.bleepingcomputer.com/news/security/texas-state-bar-warns-of-data-breach-after-inc-ransomware-claims-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8660073 False Ransomware,Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Oracle has finally acknowledged to some customers that attackers have stolen old client credentials after breaching a "legacy environment" last used in 2017. [...]]]> 2025-04-03T11:26:45+00:00 https://www.bleepingcomputer.com/news/security/oracle-privately-confirms-cloud-breach-to-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8660074 False Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects. [...]]]> 2025-04-03T10:46:50+00:00 https://www.bleepingcomputer.com/news/security/recent-github-supply-chain-attack-traced-to-leaked-spotbugs-token/ www.secnews.physaphae.fr/article.php?IdArticle=8660058 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Royal Mail is investigating claims of a security breach after a threat actor leaked over 144GB of data allegedly stolen from the company\'s systems. [...]]]> 2025-04-02T12:34:08+00:00 https://www.bleepingcomputer.com/news/security/royal-mail-investigates-data-leak-claims-no-impact-on-operations/ www.secnews.physaphae.fr/article.php?IdArticle=8659876 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Most orgs only discover their security controls failed after a breach. With OnDefend\'s continuous validation, you can test, measure, and prove your defenses work-before attackers exploit blind spots. [...]]]> 2025-04-02T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/the-reality-behind-security-control-failures-and-how-to-prevent-them/ www.secnews.physaphae.fr/article.php?IdArticle=8659856 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new version of the Triada trojan has been discovered preinstalled on thousands of new Android devices, allowing threat actors to steal data as soon as they are set up. [...]]]> 2025-04-02T09:57:23+00:00 https://www.bleepingcomputer.com/news/security/counterfeit-android-devices-found-preloaded-with-triada-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8659836 False Malware,Threat,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A RAR file, a fake summons, and a Nietzsche quote-all part of a multi-stage malware chain delivering DCRat & Rhadamanthys. Acronis TRU breaks down how attackers use VBS, batch, and PowerShell scripts to slip past defenses. [...]]]> 2025-04-01T13:30:00+00:00 https://www.bleepingcomputer.com/news/security/we-smell-a-dcrat-revealing-a-sophisticated-malware-delivery-chain/ www.secnews.physaphae.fr/article.php?IdArticle=8659666 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A significant spike in scanning activity targeting Palo Alto Network GlobalProtect login portals has been observed, with researchers concerned it may be a prelude to an upcoming attack or flaw being exploited. [...]]]> 2025-04-01T10:31:00+00:00 https://www.bleepingcomputer.com/news/security/nearly-24-000-ips-behind-wave-of-palo-alto-global-protect-scans/ www.secnews.physaphae.fr/article.php?IdArticle=8659630 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A phishing-as-a-service (PhaaS) platform named \'Lucid\' has been targeting 169 entities in 88 countries using well-crafted messages sent on iMessage (iOS) and RCS (Android). [...]]]> 2025-03-31T14:49:00+00:00 https://www.bleepingcomputer.com/news/security/phishing-platform-lucid-behind-wave-of-ios-android-sms-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8659455 False Mobile None 3.0000000000000000