This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T16:38:41+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain Chipmaking giant TSMC (Taiwan Semiconductor Manufacturing Company) denied being hacked after the LockBit ransomware gang demanded $70 million not to release stolen data. [...]]]> 2023-06-30T09:45:30+00:00 https://www.bleepingcomputer.com/news/security/tsmc-denies-lockbit-hack-as-ransomware-gang-demands-70-million/ www.secnews.physaphae.fr/article.php?IdArticle=8351015 False Ransomware,Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain Security analysts have discovered a previously undocumented remote access trojan (RAT) named \'EarlyRAT,\' used by Andariel, a sub-group of the Lazarus North Korean state-sponsored hacking group. [...]]]> 2023-06-29T13:39:41+00:00 https://www.bleepingcomputer.com/news/security/new-earlyrat-malware-linked-to-north-korean-andariel-hacking-group/ www.secnews.physaphae.fr/article.php?IdArticle=8350710 False Malware APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain Proton AG has announced the global availability of Proton Pass, an open-source and free-to-use password manager available as a browser extension or mobile app on Android and iOS.manager. [...]]]> 2023-06-29T10:56:35+00:00 https://www.bleepingcomputer.com/news/security/proton-launches-open-source-password-manager-with-some-limitations/ www.secnews.physaphae.fr/article.php?IdArticle=8350641 False General Information None 3.0000000000000000 Bleeping Computer - Magazine Américain OSINT-based CTI search engine Criminal IP has launched a bug bounty program aimed at strengthening the safety of its services and protecting its users. [...]]]> 2023-06-29T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-unveils-bug-bounty-program-to-boost-user-safety-security/ www.secnews.physaphae.fr/article.php?IdArticle=8350642 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The NPM (Node Package Manager) registry suffers from a security lapse called "manifest confusion," which undermines the trustworthiness of packages and makes it possible for attackers to hide malware in dependencies or perform malicious script execution during installation. [...]]]> 2023-06-28T10:28:35+00:00 https://www.bleepingcomputer.com/news/security/npm-ecosystem-at-risk-from-manifest-confusion-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8350168 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform. [...]]]> 2023-06-27T14:11:47+00:00 https://www.bleepingcomputer.com/news/security/siemens-energy-confirms-data-breach-after-moveit-data-theft-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8349845 False Ransomware,Data Breach,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A new process injection technique named \'Mockingjay\' could allow threat actors to bypass EDR (Endpoint Detection and Response) and other security products to stealthily execute malicious code on compromised systems. [...]]]> 2023-06-27T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-mockingjay-process-injection-technique-evades-edr-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8349729 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A new mobile malware campaign since March 2023 pushes the Android banking trojan \'Anatsa\' to online banking customers in the U.S., the U.K., Germany, Austria, and Switzerland. [...]]]> 2023-06-26T13:21:29+00:00 https://www.bleepingcomputer.com/news/security/anatsa-android-trojan-now-steals-banking-info-from-users-in-us-uk/ www.secnews.physaphae.fr/article.php?IdArticle=8349420 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers discovered a new malicious tool they named PindOS that delivers the Bumblebee and IcedID malware typically associated with ransomware attacks. [...]]]> 2023-06-26T12:39:22+00:00 https://www.bleepingcomputer.com/news/security/new-pindos-javascript-dropper-deploys-bumblebee-icedid-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8349421 False Ransomware,Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain The New York City Department of Education (NYC DOE) says hackers stole documents containing the sensitive personal information of up to 45,000 students from its MOVEit Transfer server. [...]]]> 2023-06-26T12:15:39+00:00 https://www.bleepingcomputer.com/news/security/hackers-steal-data-of-45-000-new-york-city-students-in-moveit-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8349401 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A trojanized installer for a popular Super Mario Bros game has been infecting unsuspecting players with multiple Windows malware families. [...]]]> 2023-06-25T10:36:18+00:00 https://www.bleepingcomputer.com/news/security/trojanized-super-mario-game-used-to-install-windows-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8349359 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator apps.  [...]]]> 2023-06-24T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/lastpass-users-furious-after-being-locked-out-due-to-mfa-resets/ www.secnews.physaphae.fr/article.php?IdArticle=8348921 False None LastPass,LastPass 2.0000000000000000 Bleeping Computer - Magazine Américain American Airlines and Southwest Airlines, two of the largest airlines in the world, disclosed data breaches on Friday caused by the hack of Pilot Credentials, a third-party vendor that manages multiple airlines\' pilot applications and recruitment portals. [...]]]> 2023-06-24T03:02:13+00:00 https://www.bleepingcomputer.com/news/security/american-airlines-southwest-airlines-disclose-data-breaches-affecting-pilots/ www.secnews.physaphae.fr/article.php?IdArticle=8348854 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones via iMessage zero-click exploits. [...]]]> 2023-06-23T14:06:38+00:00 https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-iphone-bugs-abused-in-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8348606 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain PBI Research Services (PBI) has suffered a data breach with three clients disclosing that the data for 4.75 million people was stolen in the recent MOVEit Transfer data-theft attacks. [...]]]> 2023-06-23T11:06:33+00:00 https://www.bleepingcomputer.com/news/security/moveit-breach-impacts-genworth-calpers-as-data-for-32-million-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8348533 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers have found a simple way to deliver malware to an organization with Microsoft Teams, despite restrictions in the application for files from external sources. [...]]]> 2023-06-22T17:15:08+00:00 https://www.bleepingcomputer.com/news/security/microsoft-teams-bug-allows-malware-delivery-from-external-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8348263 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. National Security Agency (NSA) released today guidance on how to defend against BlackLotus UEFI bootkit malware attacks. [...]]]> 2023-06-22T16:50:44+00:00 https://www.bleepingcomputer.com/news/security/nsa-shares-tips-on-blocking-blacklotus-uefi-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8348237 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Car mount and mobile accessory maker iOttie warns that its site was compromised for almost two months to steal online shoppers\' credit cards and personal information. [...]]]> 2023-06-21T18:01:32+00:00 https://www.bleepingcomputer.com/news/security/iottie-discloses-data-breach-after-site-hacked-to-steal-credit-cards/ www.secnews.physaphae.fr/article.php?IdArticle=8347849 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The North Korean APT37 hacking group uses a new \'FadeStealer\' information-stealing malware containing a \'wiretapping\' feature, allowing the threat actor to snoop and record from victims\' microphones. [...]]]> 2023-06-21T16:16:11+00:00 https://www.bleepingcomputer.com/news/security/apt37-hackers-deploy-new-fadestealer-eavesdropping-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347834 False Malware,Threat APT 37,APT 37 2.0000000000000000 Bleeping Computer - Magazine Américain Apple addressed three new zero-day vulnerabilities exploited in attacks installing Triangulation spyware on iPhones via iMessage zero-click exploits. [...]]]> 2023-06-21T14:31:59+00:00 https://www.bleepingcomputer.com/news/apple/apple-fixes-zero-days-used-to-deploy-triangulation-spyware-via-imessage/ www.secnews.physaphae.fr/article.php?IdArticle=8347804 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Multinational shipping company UPS is alerting Canadian customers that some of their personal information might have been exposed via its online package look-up tools and abused in phishing attacks. [...]]]> 2023-06-21T13:43:49+00:00 https://www.bleepingcomputer.com/news/security/ups-discloses-data-breach-after-exposed-customer-info-used-in-sms-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8347779 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named \'Graphican\' in a new campaign between late 2022 and early 2023. [...]]]> 2023-06-21T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/chinese-apt15-hackers-resurface-with-new-graphican-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347642 False Malware APT 15,APT 15 3.0000000000000000 Bleeping Computer - Magazine Américain A new DDoS-as-a-Service botnet called "Condi" emerged in May 2023, exploiting a vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to build an army of bots to conduct attacks. [...]]]> 2023-06-20T17:06:17+00:00 https://www.bleepingcomputer.com/news/security/new-condi-malware-builds-ddos-botnet-out-of-tp-link-ax21-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8347473 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The ransomware operation behind a cyberattack on the University of Manchester has begun to email students, warning that their data will soon be leaked after an extortion demand was not paid. [...]]]> 2023-06-20T16:17:11+00:00 https://www.bleepingcomputer.com/news/security/hackers-warn-university-of-manchester-students-of-imminent-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8347474 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain An unknown threat actor is brute-forcing Linux SSH servers to install a wide range of malware, including the Tsunami DDoS (distributed denial of service) bot, ShellBot, log cleaners, privilege escalation tools, and an XMRig (Monero) coin miner. [...]]]> 2023-06-20T13:50:59+00:00 https://www.bleepingcomputer.com/news/security/hackers-infect-linux-ssh-servers-with-tsunami-botnet-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347429 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A threat group tracked as APT28 and linked to Russia\'s General Staff Main Intelligence Directorate (GRU) has breached Roundcube email servers belonging to multiple Ukrainian organizations, including government entities. [...]]]> 2023-06-20T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/russian-apt28-hackers-breach-ukrainian-govt-email-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8347329 False Threat APT 28 2.0000000000000000 Bleeping Computer - Magazine Américain A cyberespionage and hacking campaign tracked as \'RedClouds\' uses the custom \'RDStealer\' malware to automatically steal data from drives shared through Remote Desktop connections. [...]]]> 2023-06-20T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-rdstealer-malware-steals-from-drives-shared-over-remote-desktop/ www.secnews.physaphae.fr/article.php?IdArticle=8347328 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain More than 101,000 ChatGPT user accounts have been compromised by information stealers over the past year, according to dark web marketplace data. [...]]]> 2023-06-20T04:00:00+00:00 https://www.bleepingcomputer.com/news/security/over-100-000-chatgpt-accounts-stolen-via-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347307 False Malware ChatGPT,ChatGPT 2.0000000000000000 Bleeping Computer - Magazine Américain Des Moines Public Schools, Iowa\'s largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023. [...]]]> 2023-06-19T16:16:36+00:00 https://www.bleepingcomputer.com/news/security/iowas-largest-school-district-confirms-ransomware-attack-data-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8347117 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A malware campaign is using fake OnlyFans content and adult lures to install a remote access trojan known as \'DcRAT,\' allowing threat actors to steal data and credentials or deploy ransomware on the infected device. [...]]]> 2023-06-19T13:14:23+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-fake-onlyfans-pics-to-drop-info-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8347066 False Ransomware,Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Three Android apps on Google Play were used by state-sponsored threat actors to collect intelligence from targeted devices, such as location data and contact lists. [...]]]> 2023-06-19T11:22:50+00:00 https://www.bleepingcomputer.com/news/security/android-spyware-camouflaged-as-vpn-chat-apps-on-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=8347034 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The BlackCat (ALPHV) ransomware gang is behind a February cyberattack on Reddit, where the threat actors claim to have stolen 80GB of data from the company. [...]]]> 2023-06-18T12:01:03+00:00 https://www.bleepingcomputer.com/news/security/reddit-hackers-threaten-to-leak-data-stolen-in-february-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8346738 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A new information-stealing malware named \'Mystic Stealer,\' has been promoted on hacking forums and darknet markets since April 2023, quickly gaining traction in the cybercrime community. [...]]]> 2023-06-18T11:14:07+00:00 https://www.bleepingcomputer.com/news/security/new-mystic-stealer-malware-increasingly-used-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8346703 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. State Department\'s Rewards for Justice program announced up to a $10 million bounty yesterday for information linking the Clop ransomware attacks to a foreign government. [...]]]> 2023-06-17T16:06:22+00:00 https://www.bleepingcomputer.com/news/security/us-govt-offers-10-million-bounty-for-info-on-clop-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8346527 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A team of university researchers has devised a new side-channel attack named \'Freaky Leaky SMS,\' which relies on the timing of SMS delivery reports to deduce a recipient\'s location. [...]]]> 2023-06-17T10:07:14+00:00 https://www.bleepingcomputer.com/news/security/sms-delivery-reports-can-be-used-to-infer-recipients-location/ www.secnews.physaphae.fr/article.php?IdArticle=8346509 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The Windows 11 22H2 KB5027231 cumulative update released during this month\'s Patch Tuesday also breaks Google Chrome on systems protected by Cisco and WatchGuard EDR and antivirus solutions. [...]]]> 2023-06-16T12:56:21+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-11-kb5027231-also-breaks-chrome-for-cisco-watchguard-edr-users/ www.secnews.physaphae.fr/article.php?IdArticle=8346248 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Louisiana and Oregon warn that millions of driver\'s licenses were exposed in a data breach after a ransomware gang hacked their MOVEit Transfer security file transfer systems to steal stored data. [...]]]> 2023-06-16T10:28:13+00:00 https://www.bleepingcomputer.com/news/security/millions-of-oregon-louisiana-state-ids-stolen-in-moveit-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8346197 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware campaign spreading the latest version of GravityRAT has been underway since August 2022, infecting mobile devices with a trojanized chat app named \'BingeChat,\' which attempts to steal data from victims\' devices. [...]]]> 2023-06-15T12:10:17+00:00 https://www.bleepingcomputer.com/news/security/android-gravityrat-malware-now-steals-your-whatsapp-backups/ www.secnews.physaphae.fr/article.php?IdArticle=8345811 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks by listing them on a data leak site, a common extortion tactic used as a precursor for the public leaking of stolen data. [...]]]> 2023-06-15T11:39:03+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-gang-starts-extorting-moveit-data-theft-victims/ www.secnews.physaphae.fr/article.php?IdArticle=8345789 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine\'s military and security intelligence sectors, employing a refreshed toolset and new infection tactics. [...]]]> 2023-06-15T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/russian-hackers-use-powershell-usb-malware-to-drop-backdoors/ www.secnews.physaphae.fr/article.php?IdArticle=8345745 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new ChromeLoader campaign is underway, infecting visitors of warez and pirated movie sites with a new variant of the search hijacker and adware browser extension named Shampoo. [...]]]> 2023-06-14T13:56:33+00:00 https://www.bleepingcomputer.com/news/security/new-shampoo-chromeloader-malware-pushed-via-fake-warez-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8345437 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain The Chinese threat group \'ChamelGang\' infects Linux devices with a previously unknown implant named \'ChamelDoH,\' allowing DNS-over-HTTPS communications with attackers\' servers. [...]]]> 2023-06-14T13:01:08+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-use-dns-over-https-for-linux-malware-communication/ www.secnews.physaphae.fr/article.php?IdArticle=8345382 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are impersonating cybersecurity researchers on Twitter and GitHub to publish fake proof-of-concept exploits for zero-day vulnerabilities that infect Windows and Linux with malware. [...]]]> 2023-06-14T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/fake-zero-day-poc-exploits-on-github-push-windows-linux-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8345239 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade detection. [...]]]> 2023-06-13T17:16:30+00:00 https://www.bleepingcomputer.com/news/security/pirated-windows-10-isos-install-clipper-malware-via-efi-partitions/ www.secnews.physaphae.fr/article.php?IdArticle=8344997 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Romanian national Mihai Ionut Paunescu, aka "Virus," was sentenced to three years in prison by a Manhattan federal court for running a bulletproof hosting service and facilitating the distribution of the Gozi (Ursnif), Zeus, SpyEye, and BlackEnergy malware. [...]]]> 2023-06-13T10:52:14+00:00 https://www.bleepingcomputer.com/news/security/bulletproof-hoster-gets-3-years-for-pushing-urfsnif-zeus-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8344842 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Zacks Investment Research (Zacks) has reportedly suffered an older, previously undisclosed data breach impacting 8.8 million customers, with the database now shared on a hacking forum. [...]]]> 2023-06-12T13:59:35+00:00 https://www.bleepingcomputer.com/news/security/have-i-been-pwned-warns-of-new-zacks-data-breach-impacting-8-million/ www.secnews.physaphae.fr/article.php?IdArticle=8344475 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain The Swiss government has disclosed that a recent ransomware attack on an IT supplier might have impacted its data, while today, it warns that it is now targeted in DDoS attacks. [...]]]> 2023-06-12T10:58:06+00:00 https://www.bleepingcomputer.com/news/security/swiss-government-warns-of-ongoing-ddos-attacks-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8344415 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A group of Ukrainian hackers known as the Cyber.Anarchy.Squad claimed an attack that took down Russian telecom provider Infotel JSC on Thursday evening. [...]]]> 2023-06-09T18:06:51+00:00 https://www.bleepingcomputer.com/news/security/ukrainian-hackers-take-down-service-provider-for-russian-banks/ www.secnews.physaphae.fr/article.php?IdArticle=8343785 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A hacking group tracked as \'Asylum Ambuscade\' was observed in recent attacks targeting small to medium-sized companies worldwide, combining cyber espionage with cybercrime. [...]]]> 2023-06-08T15:21:33+00:00 https://www.bleepingcomputer.com/news/security/asylum-ambuscade-hackers-mix-cybercrime-with-espionage/ www.secnews.physaphae.fr/article.php?IdArticle=8343392 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Google Chrome is getting new security-enhancing features for the built-in Password Manager, making it easier for users to manage their passwords and stay safe from account hijacking attacks. [...]]]> 2023-06-08T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-chrome-password-manager-gets-new-safeguards-for-your-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8343350 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Pharmaceutical company Eisai has disclosed it suffered a ransomware incident that impacted its operations, admitting that attackers encrypted some of its servers. [...]]]> 2023-06-08T10:22:14+00:00 https://www.bleepingcomputer.com/news/security/japanese-pharma-giant-eisai-discloses-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8343327 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Honda\'s e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API flaws that allow password reset for any account. [...]]]> 2023-06-07T16:10:57+00:00 https://www.bleepingcomputer.com/news/security/honda-api-flaws-exposed-customer-data-dealer-panels-internal-docs/ www.secnews.physaphae.fr/article.php?IdArticle=8343133 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new \'Fractureiser\' information-stealing malware through uploaded modifications and by injecting malicious code into existing projects. [...]]]> 2023-06-07T12:34:06+00:00 https://www.bleepingcomputer.com/news/security/new-fractureiser-malware-used-curseforge-minecraft-mods-to-infect-windows-linux/ www.secnews.physaphae.fr/article.php?IdArticle=8343074 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Over 60,000 Android apps disguised as legitimate applications have been quietly installing adware on mobile devices while remaining undetected for the past six months. [...]]]> 2023-06-06T15:10:26+00:00 https://www.bleepingcomputer.com/news/security/over-60-000-android-apps-secretly-installed-adware-for-past-six-months/ www.secnews.physaphae.fr/article.php?IdArticle=8342698 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Stealer logs represent one of the primary threat vectors for modern companies. This Flare explainer article will delve into the lifecycle of stealer malware and provide tips for detection and remediation. [...]]]> 2023-06-06T10:04:08+00:00 https://www.bleepingcomputer.com/news/security/dissecting-the-dark-web-supply-chain-stealer-logs-in-context/ www.secnews.physaphae.fr/article.php?IdArticle=8342626 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has released the monthly security update for the Android platform, adding fixes for 56 vulnerabilities, five of them with a critical severity rating and one exploited since at least last December. [...]]]> 2023-06-06T09:19:37+00:00 https://www.bleepingcomputer.com/news/security/android-security-update-fixes-mali-gpu-bug-exploited-as-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8343038 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A new PowerShell malware script named \'PowerDrop\' has been discovered to be used in attacks targeting the U.S. aerospace defense industry. [...]]]> 2023-06-06T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-powerdrop-powershell-malware-targets-us-aerospace-industry/ www.secnews.physaphae.fr/article.php?IdArticle=8342628 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was exploited to breach multiple companies\' servers and steal data. [...]]]> 2023-06-05T17:27:12+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-moveit-extortion-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8342301 False Ransomware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybersecurity firm Kaspersky has released a tool to detect if Apple iPhones and other iOS devices are infected with a new \'Triangulation\' malware. [...]]]> 2023-06-05T13:58:29+00:00 https://www.bleepingcomputer.com/news/security/new-tool-scans-iphones-for-triangulation-malware-infection/ www.secnews.physaphae.fr/article.php?IdArticle=8342289 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain The SpinOk malware was found in a new batch of Android apps on Google Play, reportedly installed an additional 30 million times. [...]]]> 2023-06-05T12:50:51+00:00 https://www.bleepingcomputer.com/news/security/spinok-android-malware-found-in-more-apps-with-30-million-installs/ www.secnews.physaphae.fr/article.php?IdArticle=8342216 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain KeePass has released version 2.54, fixing the CVE-2023-3278 vulnerability that allows the extraction of the cleartext master password from the application\'s memory. [...]]]> 2023-06-05T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/keepass-v254-fixes-bug-that-leaked-cleartext-master-password/ www.secnews.physaphae.fr/article.php?IdArticle=8342200 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain Online sellers are targeted in a new campaign to push the Vidar information-stealing malware, allowing threat actors to steal credentials for more damaging attacks. [...]]]> 2023-06-03T11:52:24+00:00 https://www.bleepingcomputer.com/news/security/online-sellers-targeted-by-new-information-stealing-malware-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8341797 False Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "potentially" accessed or stolen during what the company described in February as a "cyber incident."  [...]]]> 2023-06-02T12:19:20+00:00 https://www.bleepingcomputer.com/news/security/burton-snowboards-discloses-data-breach-after-february-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8341534 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A previously unknown campaign involving the Hotabot botnet malware has targeted Spanish-speaking users in Latin America since at least November 2020, infecting them with a banking trojan and spam tool. [...]]]> 2023-06-01T16:54:40+00:00 https://www.bleepingcomputer.com/news/security/new-horabot-campaign-takes-over-victims-gmail-outlook-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8341327 False Spam,Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Harvard Pilgrim Health Care (HPHC) has disclosed that a ransomware attack it suffered in April 2023 impacted 2,550,922 people, with the threat actors also stealing their sensitive data from compromised systems. [...]]]> 2023-06-01T13:02:54+00:00 https://www.bleepingcomputer.com/news/security/harvard-pilgrim-health-care-ransomware-attack-hits-25-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8341260 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. Russia blames these attacks on US intelligence agencies. [...]]]> 2023-06-01T12:11:28+00:00 https://www.bleepingcomputer.com/news/security/russia-says-us-hacked-thousands-of-iphones-in-ios-zero-click-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8341261 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google announced today that bug bounty hunters who report sandbox escape chain exploits targeting its Chrome web browser are now eligible for triple the standard reward until December 1st, 2023. [...]]]> 2023-06-01T12:00:00+00:00 https://www.bleepingcomputer.com/news/google/google-triples-rewards-for-chrome-sandbox-escape-chain-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=8341262 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A stealthy remote access trojan (RAT) named \'SeroXen\' has recently gained popularity as cybercriminals begin using it for its low detection rates and powerful capabilities. [...]]]> 2023-05-31T12:56:42+00:00 https://www.bleepingcomputer.com/news/security/stealthy-seroxen-rat-malware-increasingly-used-to-target-gamers/ www.secnews.physaphae.fr/article.php?IdArticle=8340927 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers\' Email Security Gateway (ESG) appliances with custom malware and steal data. [...]]]> 2023-05-30T16:25:22+00:00 https://www.bleepingcomputer.com/news/security/barracuda-zero-day-abused-since-2022-to-drop-new-malware-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8340632 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection (SIP) to install "undeletable" malware and access the victim\'s private data by circumventing Transparency, Consent, and Control (TCC) security checks. [...]]]> 2023-05-30T15:20:41+00:00 https://www.bleepingcomputer.com/news/security/microsoft-finds-macos-bug-that-lets-hackers-bypass-sip-root-restrictions/ www.secnews.physaphae.fr/article.php?IdArticle=8340614 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A new campaign distributing the RomCom backdoor malware is impersonating the websites of well-known or fictional software, tricking users into downloading and launching malicious installers. [...]]]> 2023-05-30T15:01:01+00:00 https://www.bleepingcomputer.com/news/security/romcom-malware-spread-via-google-ads-for-chatgpt-gimp-more/ www.secnews.physaphae.fr/article.php?IdArticle=8340589 False Malware ChatGPT 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware distributed as an advertisement SDK has been discovered in multiple apps, many previously on Google Play and collectively downloaded over 400 million times. [...]]]> 2023-05-30T10:38:31+00:00 https://www.bleepingcomputer.com/news/security/android-apps-with-spyware-installed-421-million-times-from-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=8340539 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Jimbos Protocol, an Arbitrum-based DeFi project, has suffered a flash loan attack that resulted in the loss of more than of 4000 ETH tokens, currently valued at over $7,500,000. [...]]]> 2023-05-29T11:20:23+00:00 https://www.bleepingcomputer.com/news/security/flash-loan-attack-on-jimbos-protocol-steals-over-75-million/ www.secnews.physaphae.fr/article.php?IdArticle=8340219 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. [...]]]> 2023-05-29T09:49:01+00:00 https://www.bleepingcomputer.com/news/security/mcna-dental-data-breach-impacts-89-million-people-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8340203 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances. [...]]]> 2023-05-27T12:14:25+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-of-recently-patched-barracuda-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8339903 False Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The QBot malware operation has started to abuse a DLL hijacking flaw in the Windows 10 WordPad program to infect computers, using the legitimate program to evade detection by security software. [...]]]> 2023-05-27T11:12:06+00:00 https://www.bleepingcomputer.com/news/security/qbot-malware-abuses-windows-wordpad-exe-to-infect-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8339904 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A team of researchers at Georgia Tech, the University of Michigan, and Ruhr University Bochum have developed a novel attack called "Hot Pixels," which can retrieve pixels from the content displayed in the target\'s browser and infer the navigation history. [...]]]> 2023-05-27T10:08:16+00:00 https://www.bleepingcomputer.com/news/security/hot-pixels-attack-checks-cpu-temp-power-changes-to-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8339905 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware gangs continue to hammer local governments in attacks, taking down IT systems and disrupting city\'s online services. [...]]]> 2023-05-26T16:45:18+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-may-26th-2023-cities-under-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8339716 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration. [...]]]> 2023-05-26T10:56:41+00:00 https://www.bleepingcomputer.com/news/security/emby-shuts-down-user-media-servers-hacked-in-recent-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8339613 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Security researchers at Cisco Talos and the Citizen Lab have presented a new technical analysis of the commercial Android spyware \'Predator\' and its loader \'Alien,\' sharing its data-theft capabilities and other operational details. [...]]]> 2023-05-25T14:57:29+00:00 https://www.bleepingcomputer.com/news/security/predator-looking-under-the-hood-of-intellexas-android-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8339447 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Attackers are now using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts to steal Microsoft credentials in targeted phishing attacks designed to evade detection by email security gateways. [...]]]> 2023-05-25T13:12:26+00:00 https://www.bleepingcomputer.com/news/security/microsoft-365-phishing-attacks-use-encrypted-rpmsg-messages/ www.secnews.physaphae.fr/article.php?IdArticle=8339437 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Mandiant security researchers have discovered a new OT known as CosmicEnergy that targets operational technology (OT), raising concerns about potential disruptions to electric power systems worldwide.  [...]]]> 2023-05-25T11:27:33+00:00 https://www.bleepingcomputer.com/news/security/new-russian-linked-cosmicenergy-malware-targets-industrial-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8339400 False Malware,Industrial CosmicEnergy 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-05-25T10:04:02+00:00 https://www.bleepingcomputer.com/news/security/whats-a-double-blind-password-strategy-and-when-should-it-be-used/ www.secnews.physaphae.fr/article.php?IdArticle=8339401 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, since at least mid-2021. [...]]]> 2023-05-24T16:43:37+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-breach-us-critical-infrastructure-in-stealthy-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8339140 False None Guam 2.0000000000000000 Bleeping Computer - Magazine Américain A new PowerShell-based malware dubbed PowerExchange was used in attacks linked to APT34 Iranian state hackers to backdoor on-premise Microsoft Exchange servers. [...]]]> 2023-05-24T15:17:19+00:00 https://www.bleepingcomputer.com/news/security/new-powerexchange-malware-backdoors-microsoft-exchange-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8339110 False Malware APT 34 2.0000000000000000 Bleeping Computer - Magazine Américain A suspected Iranian state-supported threat actor known as \'Agrius\' is now deploying a new ransomware strain named \'Moneybird\' against Israeli organizations. [...]]]> 2023-05-24T12:28:28+00:00 https://www.bleepingcomputer.com/news/security/iranian-hackers-use-new-moneybird-ransomware-to-attack-israeli-orgs/ www.secnews.physaphae.fr/article.php?IdArticle=8339069 False Ransomware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain German automotive and arms manufacturer Rheinmetall AG confirms that it suffered a BlackBasta ransomware attack that impacted its civilian business. [...]]]> 2023-05-23T12:02:04+00:00 https://www.bleepingcomputer.com/news/security/arms-maker-rheinmetall-confirms-blackbasta-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8338800 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain ESET malware researchers have discovered a new remote access trojan (RAT) on the Google Play Store, bundled with an Android screen recording app with 50,000 installs. [...]]]> 2023-05-23T10:53:07+00:00 https://www.bleepingcomputer.com/news/security/new-ahrat-android-malware-hidden-in-app-with-50-000-installs/ www.secnews.physaphae.fr/article.php?IdArticle=8338751 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has launched the Mobile Vulnerability Rewards Program (Mobile VRP), a new bug bounty program that will pay security researchers for flaws found in the company\'s Android applications. [...]]]> 2023-05-22T17:18:38+00:00 https://www.bleepingcomputer.com/news/google/google-launches-bug-bounty-program-for-its-android-applications/ www.secnews.physaphae.fr/article.php?IdArticle=8338534 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers at Tencent Labs and Zhejiang University have presented a new attack called \'BrutePrint,\' which brute-forces fingerprints on modern smartphones to bypass user authentication and take control of the device. [...]]]> 2023-05-21T10:12:24+00:00 https://www.bleepingcomputer.com/news/security/android-phones-are-vulnerable-to-fingerprint-brute-force-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8338266 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain PyPI, the official third-party registry of open source Python packages has temporarily suspended new users from signing up, and new projects from being uploaded to the platform until further notice. The unexpected move comes amid the registry\'s struggle to upkeep with a large influx of malicious users and packages [...]]]> 2023-05-20T21:19:19+00:00 https://www.bleepingcomputer.com/news/security/pypi-temporarily-pauses-new-users-projects-amid-high-volume-of-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8338165 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware distribution campaign is underway impersonating the CapCut video editing tool to push various malware strains to unsuspecting victims. [...]]]> 2023-05-20T11:08:16+00:00 https://www.bleepingcomputer.com/news/security/cloned-capcut-websites-push-information-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8338132 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers have discovered multiple npm packages named after NodeJS libraries that even pack a Windows executable that resembles NodeJS but instead drops a sinister trojan. [...]]]> 2023-05-20T09:06:20+00:00 https://www.bleepingcomputer.com/news/security/npm-packages-hide-turkorat-malware-in-what-looks-like-a-nodejs-exe/ www.secnews.physaphae.fr/article.php?IdArticle=8338077 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection. [...]]]> 2023-05-19T15:07:51+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-samsung-aslr-bypass-flaw-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8337965 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Dish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used in data breach notification letters sent to impacted employees. [...]]]> 2023-05-19T11:34:57+00:00 https://www.bleepingcomputer.com/news/security/dish-network-likely-paid-ransom-after-recent-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8337917 False Ransomware,Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums. [...]]]> 2023-05-19T09:37:23+00:00 https://www.bleepingcomputer.com/news/security/luxottica-confirms-2021-data-breach-after-info-of-70m-leaks-online/ www.secnews.physaphae.fr/article.php?IdArticle=8337893 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A cybercriminal tracked as the "Lemon Group" has been infecting millions of Android-based smartphones, watches, TVs, and TV boxes, with a malware strain named \'Guerilla.\' [...]]]> 2023-05-18T17:40:01+00:00 https://www.bleepingcomputer.com/news/security/cybercrime-gang-pre-infects-millions-of-android-devices-with-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8337767 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain The popular KeePass password manager is vulnerable to extracting the master password from the application\'s memory, allowing attackers who compromise a device to retrieve the password even with the database is locked. [...]]]> 2023-05-18T16:26:27+00:00 https://www.bleepingcomputer.com/news/security/keepass-exploit-helps-retrieve-cleartext-master-password-fix-coming-soon/ www.secnews.physaphae.fr/article.php?IdArticle=8337760 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Apple has addressed three new zero-day vulnerabilities exploited in attacks to hack into iPhones, Macs, and iPads. [...]]]> 2023-05-18T15:34:54+00:00 https://www.bleepingcomputer.com/news/apple/apple-fixes-three-new-zero-days-exploited-to-hack-iphones-macs/ www.secnews.physaphae.fr/article.php?IdArticle=8337736 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are now actively probing for vulnerable Essential Addons for Elementor plugin versions on thousands of WordPress websites in massive Internet scans, attempting to exploit a critical account password reset flaw disclosed earlier in the month. [...]]]> 2023-05-18T12:36:06+00:00 https://www.bleepingcomputer.com/news/security/hackers-target-vulnerable-wordpress-elementor-plugin-after-poc-released/ www.secnews.physaphae.fr/article.php?IdArticle=8337705 False None None 2.0000000000000000