This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-11T23:51:52+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago. [...]]]> 2025-02-18T12:07:56+00:00 https://www.bleepingcomputer.com/news/security/new-openssh-flaws-expose-ssh-servers-to-mitm-and-dos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8648887 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Financial technology giant Finastra is notifying victims of a data breach after their personal information was stolen by unknown attackers who first breached its systems in October 2024. [...]]]> 2025-02-18T10:01:27+00:00 https://www.bleepingcomputer.com/news/security/fintech-giant-finastra-notifies-victims-of-october-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8648874 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain Newspaper publishing giant Lee Enterprises has confirmed that a ransomware attack is behind ongoing disruptions impacting the group\'s operations for over two weeks. [...]]]> 2025-02-18T07:35:35+00:00 https://www.bleepingcomputer.com/news/security/lee-enterprises-newspaper-disruptions-caused-by-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8648853 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new variant of the XCSSET macOS modular malware has emerged in attacks that target users\' sensitive information, including digital wallets and data from the legitimate Notes app. [...]]]> 2025-02-17T11:04:51+00:00 https://www.bleepingcomputer.com/news/security/microsoft-spots-xcsset-macos-malware-variant-used-for-crypto-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8648775 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new malware called FinalDraft has been using Outlook email drafts for command-and-control communication in attacks against a ministry in a South American country. [...]]]> 2025-02-16T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/new-finaldraft-malware-abuses-outlook-mail-service-for-stealthy-comms/ www.secnews.physaphae.fr/article.php?IdArticle=8648660 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain A free-to-play game named PirateFi in the Steam store has been distributing the Vidar infostealing malware to unsuspecting users. [...]]]> 2025-02-14T12:32:32+00:00 https://www.bleepingcomputer.com/news/security/piratefi-game-on-steam-caught-installing-password-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8648600 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Rapid7\'s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. [...]]]> 2025-02-14T09:15:47+00:00 https://www.bleepingcomputer.com/news/security/postgresql-flaw-exploited-as-zero-day-in-beyondtrust-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8648500 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain China\'s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. [...]]]> 2025-02-14T07:56:41+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-breach-more-us-telecoms-via-unpatched-cisco-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8648483 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Security researchers discovered a name confusion attack that allows access to an Amazon Web Services account to anyone that publishes an Amazon Machine Image (AMI) with a specific name. [...]]]> 2025-02-13T18:35:26+00:00 https://www.bleepingcomputer.com/news/security/whoami-attacks-give-hackers-code-execution-on-amazon-ec2-instances/ www.secnews.physaphae.fr/article.php?IdArticle=8648433 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts. [...]]]> 2025-02-13T12:39:36+00:00 https://www.bleepingcomputer.com/news/security/hacker-leaks-account-data-of-12-million-zacks-investment-users/ www.secnews.physaphae.fr/article.php?IdArticle=8648402 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using in a ransomware attack a toolset previously attributed to espionage actors. [...]]]> 2025-02-13T09:31:54+00:00 https://www.bleepingcomputer.com/news/security/chinese-espionage-tools-deployed-in-ra-world-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8648386 False Ransomware,Tool,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Decentralized money lender zkLend suffered a breach where threat actors exploited a smart contract flaw to steal 3,600 Ethereum, worth $9.5 million at the time. [...]]]> 2025-02-12T18:08:09+00:00 https://www.bleepingcomputer.com/news/cryptocurrency/zklend-loses-95m-in-crypto-heist-asks-hacker-to-return-90-percent/ www.secnews.physaphae.fr/article.php?IdArticle=8648291 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A relatively new ransomware operation named \'Sarcoma\' has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan. [...]]]> 2025-02-12T14:24:28+00:00 https://www.bleepingcomputer.com/news/security/sarcoma-ransomware-claims-breach-at-giant-pcb-maker-unimicron/ www.secnews.physaphae.fr/article.php?IdArticle=8648263 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously. [...]]]> 2025-02-12T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-flaw-that-could-unmask-youtube-users-email-addresses/ www.secnews.physaphae.fr/article.php?IdArticle=8648236 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has released the KB5051974 cumulative update for Windows 10 22H2 and Windows 10 21H2, which automatically installs the new Outlook for Windows app and fixes a memory leak bug. [...]]]> 2025-02-11T14:32:57+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-10-kb5051974-update-force-installs-new-microsoft-outlook-app/ www.secnews.physaphae.fr/article.php?IdArticle=8648113 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. [...]]]> 2025-02-11T13:56:13+00:00 https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-zero-day-exploited-to-hijack-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8648107 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain ​The United States, Australia, and the United Kingdom have sanctioned Zservers, a Russia-based bulletproof hosting (BPH) services provider, for supplying essential attack infrastructure for the LockBit ransomware gang. [...]]]> 2025-02-11T09:24:43+00:00 https://www.bleepingcomputer.com/news/security/us-sanctions-lockbit-ransomwares-bulletproof-hosting-provider/ www.secnews.physaphae.fr/article.php?IdArticle=8648057 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain Today, an Alabama man pleaded guilty to hijacking the U.S. Securities and Exchange Commission (SEC) account on X in a January 2024 SIM swapping attack. [...]]]> 2025-02-10T13:46:43+00:00 https://www.bleepingcomputer.com/news/security/hacker-pleads-guilty-to-sim-swap-attack-on-us-sec-x-account/ www.secnews.physaphae.fr/article.php?IdArticle=8647904 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Microsoft announced over the weekend that it has expanded its Microsoft Copilot (AI) bug bounty program and increased payouts for moderate severity vulnerabilities. [...]]]> 2025-02-10T10:00:34+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-raises-rewards-for-copilot-ai-bug-bounty-program/ www.secnews.physaphae.fr/article.php?IdArticle=8647869 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A large-scale brute force password attack using almost 2.8 million IP addresses is underway, attempting to guess the credentials for a wide range of networking devices, including those from Palo Alto Networks, Ivanti, and SonicWall. [...]]]> 2025-02-08T10:15:25+00:00 https://www.bleepingcomputer.com/news/security/massive-brute-force-attack-uses-28-million-ips-to-target-vpn-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8647609 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company\'s Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack. [...]]]> 2025-02-07T14:21:16+00:00 https://www.bleepingcomputer.com/news/security/hpe-notifies-employees-of-data-breach-after-russian-office-365-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8647482 False Data Breach,Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. [...]]]> 2025-02-07T13:42:44+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-cityworks-rce-bug-to-breach-microsoft-iis-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8647472 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Hospital Sisters Health System notified over 882,000 patients that an August 2023 cyberattack led to a data breach that exposed their personal and health information. [...]]]> 2025-02-07T11:44:32+00:00 https://www.bleepingcomputer.com/news/security/us-health-system-notifies-882-000-patients-of-august-2023-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8647457 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. [...]]]> 2025-02-06T15:59:41+00:00 https://www.bleepingcomputer.com/news/security/microsoft-says-attackers-use-exposed-aspnet-keys-to-deploy-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8647286 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are targeting vulnerable SimpleHelp RMM clients to create administrator accounts, drop backdoors, and potentially lay the groundwork for ransomware attacks. [...]]]> 2025-02-06T12:50:54+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-simplehelp-rmm-flaws-to-deploy-sliver-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8647262 False Ransomware,Malware,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain An ongoing distributed denial of service (DDoS) attack targets Bohemia Interactive\'s infrastructure, preventing players of DayZ and Arma Reforger from playing the games online. [...]]]> 2025-02-06T11:09:19+00:00 https://www.bleepingcomputer.com/news/security/ddos-attacks-reportedly-behind-dayz-and-arma-network-outages/ www.secnews.physaphae.fr/article.php?IdArticle=8647247 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain British-based engineering firm IMI plc has disclosed a security breach after unknown attackers hacked into the company\'s systems. [...]]]> 2025-02-06T09:36:11+00:00 https://www.bleepingcomputer.com/news/security/british-engineering-firm-imi-discloses-breach-shares-no-details/ www.secnews.physaphae.fr/article.php?IdArticle=8647222 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEFI bootkit are enforced later this year. [...]]]> 2025-02-05T18:16:04+00:00 https://www.bleepingcomputer.com/news/microsoft/new-microsoft-script-updates-windows-media-with-bootkit-malware-fixes/ www.secnews.physaphae.fr/article.php?IdArticle=8647137 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain A new campaign dubbed \'SparkCat\' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]]]> 2025-02-04T15:16:19+00:00 https://www.bleepingcomputer.com/news/mobile/crypto-stealing-apps-found-in-apple-app-store-for-the-first-time/ www.secnews.physaphae.fr/article.php?IdArticle=8647050 False Mobile None 4.0000000000000000 Bleeping Computer - Magazine Américain Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. [...]]]> 2025-02-04T13:24:20+00:00 https://www.bleepingcomputer.com/news/security/cyber-agencies-share-security-guidance-for-network-edge-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8646875 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. [...]]]> 2025-02-04T12:39:40+00:00 https://www.bleepingcomputer.com/news/security/chinese-cyberspies-use-new-ssh-backdoor-in-network-device-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8646865 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain As the gateways to corporate networks, VPNs are an attractive target for attackers. Learn from Specops Software about how hackers use compromised VPN passwords and how you can protect your organization. [...]]]> 2025-02-04T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/how-hackers-target-your-active-directory-with-breached-vpn-passwords/ www.secnews.physaphae.fr/article.php?IdArticle=8646830 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its systems using a service provider account. [...]]]> 2025-02-04T04:24:46+00:00 https://www.bleepingcomputer.com/news/security/grubhub-data-breach-impacts-customers-drivers-and-merchants/ www.secnews.physaphae.fr/article.php?IdArticle=8646761 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. [...]]]> 2025-02-03T15:10:22+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8646654 False Vulnerability,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are taking advantage of the rise in popularity of the DeepSeek to promote two malicious infostealer packages on the Python Package Index (PyPI), where they impersonated developer tools for the AI platform. [...]]]> 2025-02-03T11:33:23+00:00 https://www.bleepingcomputer.com/news/security/deepseek-ai-tools-impersonated-by-infostealer-malware-on-pypi/ www.secnews.physaphae.fr/article.php?IdArticle=8646596 False Malware,Tool,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Tata Technologies Ltd. had to suspend some of its IT services following a ransomware attack that impacted the company network. [...]]]> 2025-01-31T11:02:22+00:00 https://www.bleepingcomputer.com/news/security/indian-tech-giant-tata-technologies-hit-by-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8645305 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Insurance giant Globe Life finished the investigation into the data breach it suffered last June and says that the incident may have impacted an additional 850,000 customers. [...]]]> 2025-01-31T10:24:38+00:00 https://www.bleepingcomputer.com/news/security/globe-life-data-breach-may-impact-an-additional-850-000-clients/ www.secnews.physaphae.fr/article.php?IdArticle=8645306 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Mizuno USA, a subsidiary of Mizuno Corporation, one of the world\'s largest sporting goods manufacturers, confirmed in data breach notification letters that unknown attackers stole files from its network between August and October 2024. [...]]]> 2025-01-31T10:12:06+00:00 https://www.bleepingcomputer.com/news/security/mizuno-usa-says-hackers-stayed-in-its-network-for-two-months/ www.secnews.physaphae.fr/article.php?IdArticle=8645307 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients that their personal and health information was stolen in an October breach. [...]]]> 2025-01-31T08:18:29+00:00 https://www.bleepingcomputer.com/news/security/us-healthcare-provider-data-breach-impacts-1-million-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8645263 False Data Breach,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. [...]]]> 2025-01-30T15:57:47+00:00 https://www.bleepingcomputer.com/news/security/google-blocked-236-million-risky-android-apps-from-play-store-in-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8644950 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain ​The New York Blood Center (NYBC), one of the world\'s largest independent blood collection and distribution organizations, says a Sunday ransomware attack forced it to reschedule some appointments. [...]]]> 2025-01-30T12:53:13+00:00 https://www.bleepingcomputer.com/news/security/ransomware-attack-disrupts-new-york-blood-donation-giant/ www.secnews.physaphae.fr/article.php?IdArticle=8644891 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain A new attack called \'Browser Syncjacking\' demonstrates the possibility of using a seemingly benign Chrome extension to take over a victim\'s device through the browser. [...]]]> 2025-01-30T09:33:33+00:00 https://www.bleepingcomputer.com/news/security/new-syncjacking-attack-hijacks-devices-using-chrome-extensions/ www.secnews.physaphae.fr/article.php?IdArticle=8644816 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A ChatGPT jailbreak flaw, dubbed "Time Bandit," allows you to bypass OpenAI\'s safety guidelines when asking for detailed instructions on sensitive topics, including the creation of weapons, information on nuclear topics, and malware creation. [...]]]> 2025-01-30T07:00:00+00:00 https://www.bleepingcomputer.com/news/security/time-bandit-chatgpt-jailbreak-bypasses-safeguards-on-sensitive-topics/ www.secnews.physaphae.fr/article.php?IdArticle=8644768 False Malware ChatGPT 3.0000000000000000 Bleeping Computer - Magazine Américain A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]]]> 2025-01-29T19:55:06+00:00 https://www.bleepingcomputer.com/news/security/new-aquabotv3-botnet-malware-targets-mitel-command-injection-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8644524 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain DogWifTools has disclosed on its official Discord channel that its software has been compromised by a supply chain attack that impacted its Windows client, infecting users with malware. [...]]]> 2025-01-29T19:33:11+00:00 https://www.bleepingcomputer.com/news/security/solana-pumpfun-tool-dogwiftool-compromised-to-drain-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8644525 False Malware,Tool None 2.0000000000000000 Bleeping Computer - Magazine Américain The FBI has seized the domains for the infamous Cracked.io and Nulled.to hacking forums, which are known for their focus on cybercrime, password theft, cracking, and credential stuffing attacks. [...]]]> 2025-01-29T12:30:09+00:00 https://www.bleepingcomputer.com/news/security/fbi-seizes-crackedio-nulledto-hacking-forums-in-operation-talent/ www.secnews.physaphae.fr/article.php?IdArticle=8644465 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain Windows 11\'s Start menu is getting a big update with full-fledged Android and iPhone integration. [...]]]> 2025-01-29T11:54:43+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/ www.secnews.physaphae.fr/article.php?IdArticle=8644375 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are believed to be exploiting recently fixed SimpleHelp Remote Monitoring and Management (RMM) software vulnerabilities to gain initial access to target networks. [...]]]> 2025-01-28T16:49:41+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8644007 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain London-based engineering giant Smiths Group disclosed a security breach after unknown attackers gained access to the company\'s systems. [...]]]> 2025-01-28T12:28:15+00:00 https://www.bleepingcomputer.com/news/security/engineering-giant-smiths-group-discloses-security-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8643921 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Signal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. [...]]]> 2025-01-28T11:27:02+00:00 https://www.bleepingcomputer.com/news/security/signal-will-let-you-sync-old-messages-when-linking-new-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8643900 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Education software giant PowerSchool has started notifying individuals in the U.S. and Canada whose personal data was exposed in a late December 2024 cyberattack. [...]]]> 2025-01-28T10:43:31+00:00 https://www.bleepingcomputer.com/news/security/powerschool-starts-notifying-victims-of-massive-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8643874 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain Open-source password manager Bitwarden is adding an extra layer of security for accounts that are not protected by two-factor authentication, requiring email verification before allowing access to accounts. [...]]]> 2025-01-27T16:00:54+00:00 https://www.bleepingcomputer.com/news/security/bitwarden-makes-it-harder-to-hack-password-vaults-without-mfa/ www.secnews.physaphae.fr/article.php?IdArticle=8643487 False Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain The Phemex crypto exchange suffered a massive security breach on Thursday where threat actors stole over $85 million worth of cryptocurrency. [...]]]> 2025-01-27T13:03:02+00:00 https://www.bleepingcomputer.com/news/security/hackers-steal-85-million-worth-of-cryptocurrency-from-phemex/ www.secnews.physaphae.fr/article.php?IdArticle=8643424 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft reminded Microsoft 365 admins that its new brand impersonation protection feature for Teams Chat will be available for all customers by mid-February 2025. [...]]]> 2025-01-27T12:43:27+00:00 https://www.bleepingcomputer.com/news/security/microsoft-teams-phishing-attack-alerts-coming-to-everyone-next-month/ www.secnews.physaphae.fr/article.php?IdArticle=8643425 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A set of three distinct but related attacks, dubbed \'Clone2Leak,\' can leak credentials by exploiting how Git and its credential helpers handle authentication requests. [...]]]> 2025-01-27T11:36:38+00:00 https://www.bleepingcomputer.com/news/security/clone2leak-attacks-exploit-git-flaws-to-steal-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8643400 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain UnitedHealth has revealed that 190 million Americans had their personal and healthcare data stolen in the Change Healthcare ransomware attack, nearly doubling the previously disclosed figure. [...]]]> 2025-01-26T11:29:17+00:00 https://www.bleepingcomputer.com/news/security/unitedhealth-now-says-190-million-impacted-by-2024-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8642962 False Ransomware,Data Breach,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data on a hacking forum. [...]]]> 2025-01-25T16:23:24+00:00 https://www.bleepingcomputer.com/news/security/talktalk-investigates-breach-after-data-for-sale-on-hacking-forum/ www.secnews.physaphae.fr/article.php?IdArticle=8642650 False Data Breach,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state\'s cybersecurity regulations, leading to a 2022 data breach. [...]]]> 2025-01-25T10:15:25+00:00 https://www.bleepingcomputer.com/news/security/paypal-to-pay-2-million-settlement-over-2022-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8642632 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain A threat actor targeted low-skilled hackers, known as "script kiddies," with a fake malware builder that secretly infected them with a backdoor to steal data and take over computers. [...]]]> 2025-01-24T11:34:40+00:00 https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/ www.secnews.physaphae.fr/article.php?IdArticle=8642144 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading the Lumma Stealer malware. [...]]]> 2025-01-23T14:05:34+00:00 https://www.bleepingcomputer.com/news/security/hundreds-of-fake-reddit-sites-push-lumma-stealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8641701 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has announced a new Android "Identity Check" security feature that lock sensitive settings behind biometric authentication when outside a trusted location. [...]]]> 2025-01-23T13:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-android-identity-check-locks-settings-outside-trusted-locations/ www.secnews.physaphae.fr/article.php?IdArticle=8641702 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks. [...]]]> 2025-01-23T11:51:57+00:00 https://www.bleepingcomputer.com/news/security/cisa-hackers-still-exploiting-older-ivanti-bugs-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8641655 False Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a "magic packet" in the network traffic. [...]]]> 2025-01-23T10:26:36+00:00 https://www.bleepingcomputer.com/news/security/stealthy-magic-packet-malware-targets-juniper-vpn-gateways/ www.secnews.physaphae.fr/article.php?IdArticle=8641625 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors on X are exploiting the news around Ross Ulbricht to direct unsuspecting users to a Telegram channel that tricks them into executing PowerShell code that infects them with malware. [...]]]> 2025-01-22T15:35:44+00:00 https://www.bleepingcomputer.com/news/security/telegram-captcha-tricks-you-into-running-malicious-powershell-scripts/ www.secnews.physaphae.fr/article.php?IdArticle=8641263 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain South Korean VPN provider IPany was breached in a supply chain attack by the "PlushDaemon" China-aligned hacking group, who compromised the company\'s VPN installer to deploy the custom \'SlowStepper\' malware. [...]]]> 2025-01-22T10:11:48+00:00 https://www.bleepingcomputer.com/news/security/ipany-vpn-breached-in-supply-chain-attack-to-push-custom-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8641145 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Creating a custom password-exclusion list can help prevent employees from using passwords that are likely to be guessed. Learn from Specops Software on using AI to generate password dictionary for securing your organization\'s credentials. [...]]]> 2025-01-22T10:00:10+00:00 https://www.bleepingcomputer.com/news/security/use-this-ai-chatbot-prompt-to-create-a-password-exclusion-list/ www.secnews.physaphae.fr/article.php?IdArticle=8641119 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The largest distributed denial-of-service (DDoS) attack to date peaked at 5.6 terabits per second and came from a Mirai-based botnet with 13,000 compromised devices. [...]]]> 2025-01-21T16:04:09+00:00 https://www.bleepingcomputer.com/news/security/cloudflare-mitigated-a-record-breaking-56-tbps-ddos-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8640762 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain Hackers are once again abusing Google ads to spread malware, using a fake Homebrew website to infect Macs and Linux devices with an infostealer that steals credentials, browser data, and cryptocurrency wallets. [...]]]> 2025-01-21T14:58:20+00:00 https://www.bleepingcomputer.com/news/security/fake-homebrew-google-ads-target-mac-users-with-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8640737 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware gangs are increasingly adopting email bombing followed by posing as tech support in Microsoft Teams calls to trick employees into allowing remote control and install malware that provides access to the company network. [...]]]> 2025-01-21T10:59:29+00:00 https://www.bleepingcomputer.com/news/security/ransomware-gangs-pose-as-it-support-in-microsoft-teams-phishing-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8640659 False Ransomware,Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Hewlett Packard Enterprise (HPE) is investigating claims of a new breach after a threat actor said they stole documents from the company\'s developer environments. [...]]]> 2025-01-20T14:06:38+00:00 https://www.bleepingcomputer.com/news/security/hewlett-packard-enterprise-investigates-new-breach-claims/ www.secnews.physaphae.fr/article.php?IdArticle=8640251 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Hotel management platform Otelier suffered a data breach after threat actors breached its Amazon S3 cloud storage to steal millions of guests\' personal information and reservations for well-known hotel brands like Marriott, Hilton, and Hyatt. [...]]]> 2025-01-17T15:17:22+00:00 https://www.bleepingcomputer.com/news/security/otelier-data-breach-exposes-info-hotel-reservations-of-millions/ www.secnews.physaphae.fr/article.php?IdArticle=8638916 False Data Breach,Threat,Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Department of the Treasury\'s Office of Foreign Assets Control (OFAC) has sanctioned Yin Kecheng, a Shanghai-based hacker for his role in the recent Treasury breach and a company associated with the Salt Typhoon threat group. [...]]]> 2025-01-17T11:57:01+00:00 https://www.bleepingcomputer.com/news/security/us-sanctions-chinese-firm-hacker-behind-telecom-and-treasury-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8638825 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Wolf Haldenstein Adler Freeman & Herz LLP ("Wolf Haldenstein") reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to hackers. [...]]]> 2025-01-16T11:26:41+00:00 https://www.bleepingcomputer.com/news/security/wolf-haldenstein-law-firm-says-35-million-impacted-by-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8638365 False Data Breach None 2.0000000000000000 Bleeping Computer - Magazine Américain A new hacking group has leaked the configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices for free on the dark web, exposing a great deal of sensitive technical information to other cybercriminals. [...]]]> 2025-01-15T21:57:23+00:00 https://www.bleepingcomputer.com/news/security/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8638022 False Technical None 3.0000000000000000 Bleeping Computer - Magazine Américain A newly discovered botnet of 13,000 MikroTik devices uses a misconfiguration in domain name server records to bypass email protections and deliver malware by spoofing roughly 20,000 web domains. [...]]]> 2025-01-15T15:04:45+00:00 https://www.bleepingcomputer.com/news/security/mikrotik-botnet-uses-misconfigured-spf-dns-records-to-spread-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8637880 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Avery Products Corporation is warning it suffered a data breach after its website was hacked to steal customers\' credit cards and personal information. [...]]]> 2025-01-15T14:44:28+00:00 https://www.bleepingcomputer.com/news/security/label-giant-avery-says-website-hacked-to-steal-credit-cards/ www.secnews.physaphae.fr/article.php?IdArticle=8637881 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. [...]]]> 2025-01-14T15:54:28+00:00 https://www.bleepingcomputer.com/news/security/wp3xyz-malware-attacks-add-rogue-admins-to-5-000-plus-wordpress-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8637332 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain ​The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. [...]]]> 2025-01-14T11:26:26+00:00 https://www.bleepingcomputer.com/news/security/fbi-deletes-chinese-plugx-malware-from-thousands-of-us-computers/ www.secnews.physaphae.fr/article.php?IdArticle=8637596 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. [...]]]> 2025-01-14T10:57:07+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-fasthttp-in-new-high-speed-microsoft-365-password-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8637199 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. [...]]]> 2025-01-14T10:24:27+00:00 https://www.bleepingcomputer.com/news/security/fortinet-warns-of-auth-bypass-zero-day-exploited-to-hijack-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8637200 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Blood-donation not-for-profit OneBlood confirms that donors\' personal information was stolen in a ransomware attack last summer. [...]]]> 2025-01-13T17:36:16+00:00 https://www.bleepingcomputer.com/news/security/oneblood-confirms-personal-data-stolen-in-july-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8636896 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November. [...]]]> 2025-01-13T15:33:46+00:00 https://www.bleepingcomputer.com/news/security/stolen-path-of-exile-2-admin-account-used-to-hack-player-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8636854 False Hack,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. [...]]]> 2025-01-13T11:50:12+00:00 https://www.bleepingcomputer.com/news/security/uk-domain-registry-nominet-confirms-breach-via-ivanti-zero-day-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8636780 False Vulnerability,Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. [...]]]> 2025-01-11T10:21:31+00:00 https://www.bleepingcomputer.com/news/security/fake-ldapnightmware-exploit-on-github-spreads-infostealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8636035 False Malware,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Spanish telecommunications company Telefónica confirms its internal ticketing system was breached after stolen data was leaked on a hacking forum. [...]]]> 2025-01-10T14:15:09+00:00 https://www.bleepingcomputer.com/news/security/telefonica-confirms-internal-ticketing-system-breach-after-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8635747 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Threat actors are employing a new tactic called "transaction simulation spoofing" to steal crypto, with one attack successfully stealing 143.45 Ethereum, worth approximately $460,000. [...]]]> 2025-01-10T13:12:17+00:00 https://www.bleepingcomputer.com/news/security/new-web3-attack-exploits-transaction-simulations-to-steal-crypto/ www.secnews.physaphae.fr/article.php?IdArticle=8635730 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Docker is warning that Docker Desktop is not starting on macOS due to malware warnings after some files were signed with an incorrect code-signing certificate. [...]]]> 2025-01-10T11:37:59+00:00 https://www.bleepingcomputer.com/news/security/docker-desktop-blocked-on-macs-due-to-false-malware-alert/ www.secnews.physaphae.fr/article.php?IdArticle=8635695 False Malware None 3.0000000000000000 Bleeping Computer - Magazine Américain Popular cannabis brand STIIIZY disclosed a data breach this week after hackers breached its point-of-sale (POS) vendor to steal customer information, including government IDs and purchase information. [...]]]> 2025-01-10T10:19:50+00:00 https://www.bleepingcomputer.com/news/security/stiiizy-data-breach-exposes-cannabis-buyers-ids-and-purchases/ www.secnews.physaphae.fr/article.php?IdArticle=8635672 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain ​BayMark Health Services, North America\'s largest provider of substance use disorder (SUD) treatment and recovery services, is notifying an undisclosed number of patients that attackers stole their personal and health information in a September 2024 breach. [...]]]> 2025-01-09T16:07:03+00:00 https://www.bleepingcomputer.com/news/security/largest-us-addiction-treatment-provider-notifies-patients-of-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8635395 False Data Breach None 3.0000000000000000 Bleeping Computer - Magazine Américain The National Police Agency (NPA) and the Cabinet Cyber Security Center in Japan have linked a cyber-espionage campaign targeting the country to the Chinese state-backed "MirrorFace" hacking group. [...]]]> 2025-01-09T12:20:26+00:00 https://www.bleepingcomputer.com/news/security/mirrorface-hackers-targeting-japanese-govt-politicians-since-2019/ www.secnews.physaphae.fr/article.php?IdArticle=8635353 False Legislation None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Chinese state-backed hackers, tracked as Silk Typhoon, have been linked to the U.S. Office of Foreign Assets Control (OFAC) hack in early December. [...]]]> 2025-01-09T11:49:01+00:00 https://www.bleepingcomputer.com/news/security/us-treasury-hack-linked-to-silk-typhoon-chinese-state-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8635335 False Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called \'Dryhook\' and \'Phasejam\' that is not currently associated with any threat group. [...]]]> 2025-01-09T11:11:20+00:00 https://www.bleepingcomputer.com/news/security/google-chinese-hackers-likely-behind-ivanti-vpn-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8635336 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. [...]]]> 2025-01-08T15:43:34+00:00 https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-flaw-used-in-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8635045 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Russian internet service provider Nodex confirmed on Tuesday that its network was "destroyed" in a cyberattack claimed by Ukrainian hacktivists part of the Ukrainian Cyber Alliance [...]]]> 2025-01-08T14:26:04+00:00 https://www.bleepingcomputer.com/news/security/russian-isp-confirms-ukrainian-hackers-destroyed-its-network/ www.secnews.physaphae.fr/article.php?IdArticle=8635026 False None None 4.0000000000000000 Bleeping Computer - Magazine Américain ​Medusind, a leading billing provider for healthcare organizations, is notifying hundreds of thousands of individuals of a data breach that exposed their personal and health information more than a year ago, in December 2023. [...]]]> 2025-01-08T12:28:01+00:00 https://www.bleepingcomputer.com/news/security/medical-billing-firm-medusind-discloses-breach-affecting-360-000-people/ www.secnews.physaphae.fr/article.php?IdArticle=8634984 False Data Breach,Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain ​American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach. [...]]]> 2025-01-08T10:05:50+00:00 https://www.bleepingcomputer.com/news/security/thousands-of-credit-cards-stolen-in-green-bay-packers-store-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8634926 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain ​The United Nations\' International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database. [...]]]> 2025-01-08T08:30:46+00:00 https://www.bleepingcomputer.com/news/security/un-aviation-agency-confirms-recruitment-database-security-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8634902 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Education software giant PowerSchool has confirmed it suffered a cybersecurity incident that allowed a threat actor to steal the personal information of students and teachers from school districts using its PowerSchool SIS platform. [...]]]> 2025-01-07T23:26:09+00:00 https://www.bleepingcomputer.com/news/security/powerschool-hack-exposes-student-teacher-data-from-k-12-districts/ www.secnews.physaphae.fr/article.php?IdArticle=8634751 False Hack,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Japanese electronics manufacturer Casio says that the October 2024 ransomware incident exposed the personal data of approximately 8,500 people. [...]]]> 2025-01-07T16:56:52+00:00 https://www.bleepingcomputer.com/news/security/casio-says-data-of-8-500-people-exposed-in-october-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8634656 False Ransomware None 2.0000000000000000 Bleeping Computer - Magazine Américain ​Today, the White House announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for internet-connected consumer devices. [...]]]> 2025-01-07T15:21:26+00:00 https://www.bleepingcomputer.com/news/security/us-govt-launches-cybersecurity-safety-label-for-smart-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8634639 False None None 3.0000000000000000