This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-12T22:44:50+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain ​CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. [...]]]> 2024-05-01T12:29:36+00:00 https://www.bleepingcomputer.com/news/security/cisa-says-gitlab-account-takeover-bug-is-actively-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8491933 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has increased rewards for reporting remote code execution vulnerabilities within select Android apps by ten times, from $30,000 to $300,000, with the maximum reward reaching $450,000 for exceptional quality reports. [...]]]> 2024-04-30T14:33:51+00:00 https://www.bleepingcomputer.com/news/security/google-now-pays-up-to-450-000-for-rce-bugs-in-some-android-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8491419 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. [...]]]> 2024-04-24T13:07:51+00:00 https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8488121 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution. [...]]]> 2024-04-16T15:52:14+00:00 https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-flaws-in-its-avalanche-mdm-solution/ www.secnews.physaphae.fr/article.php?IdArticle=8483648 False Vulnerability,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. [...]]]> 2024-04-13T08:35:15+00:00 https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8481394 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. [...]]]> 2024-04-09T18:06:06+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-two-windows-zero-days-exploited-in-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8478933 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A Romanian botnet group named \'RUBYCARP\' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain. [...]]]> 2024-04-09T11:30:06+00:00 https://www.bleepingcomputer.com/news/security/rubycarp-hackers-linked-to-10-year-old-cryptomining-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=8478768 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations. [...]]]> 2024-04-04T11:28:55+00:00 https://www.bleepingcomputer.com/news/security/new-http-2-dos-attack-can-crash-web-servers-with-a-single-connection/ www.secnews.physaphae.fr/article.php?IdArticle=8475966 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways. [...]]]> 2024-04-03T13:29:32+00:00 https://www.bleepingcomputer.com/news/security/ivanti-fixes-vpn-gateway-vulnerability-allowing-rce-dos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8475367 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. [...]]]> 2024-04-01T11:00:28+00:00 https://www.bleepingcomputer.com/news/security/shopping-platform-pandabuy-data-leak-impacts-13-million-users/ www.secnews.physaphae.fr/article.php?IdArticle=8474071 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s Threat Analysis Group (TAG) and Google subsidiary Mandiant said they\'ve observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients. [...]]]> 2024-03-27T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-spyware-vendors-behind-50-percent-of-zero-days-exploited-in-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8471385 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies. [...]]]> 2024-03-26T14:51:32+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-ray-framework-flaw-to-breach-servers-hijack-resources/ www.secnews.physaphae.fr/article.php?IdArticle=8470917 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers. [...]]]> 2024-03-20T13:08:58+00:00 https://www.bleepingcomputer.com/news/security/ivanti-fixes-critical-standalone-sentry-bug-reported-by-nato/ www.secnews.physaphae.fr/article.php?IdArticle=8467447 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The Cyber Crime Center (DC3) of the U.S. Department of Defense (DoD) says it has reached the milestone of processing its 50,000th vulnerability report submitted by 5,635 researchers since its inception in November 2016. [...]]]> 2024-03-19T17:13:01+00:00 https://www.bleepingcomputer.com/news/security/us-defense-dept-received-50-000-vulnerability-reports-since-2016/ www.secnews.physaphae.fr/article.php?IdArticle=8466936 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A new wave of attacks by the DarkGate malware operation exploits a now-fixed Windows Defender SmartScreen vulnerability to bypass security checks and automatically install fake software installers. [...]]]> 2024-03-13T17:26:41+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-windows-smartscreen-flaw-to-drop-darkgate-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8463461 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are breaching WordPress sites by exploiting a vulnerability in outdated versions of the Popup Builder plugin, infecting over 3,300 websites with malicious code. [...]]]> 2024-03-10T11:38:34+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-wordpress-plugin-flaw-to-infect-3-300-sites-with-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8461729 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A financially motivated hacking group named Magnet Goblin uses various 1-day vulnerabilities to breach public-facing servers and deploy custom malware on Windows and Linux systems. [...]]]> 2024-03-09T10:08:16+00:00 https://www.bleepingcomputer.com/news/security/magnet-goblin-hackers-use-1-day-flaws-to-drop-custom-linux-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8461730 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain CISA ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their Windows systems against a high-severity vulnerability in the Microsoft Streaming Service (MSKSSRV.SYS) that\'s actively exploited in attacks. [...]]]> 2024-03-01T14:18:31+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-microsoft-streaming-bug-exploited-in-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8457657 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. [...]]]> 2024-02-29T15:35:08+00:00 https://www.bleepingcomputer.com/news/security/cisa-cautions-against-using-hacked-ivanti-vpn-gateways-even-after-factory-resets/ www.secnews.physaphae.fr/article.php?IdArticle=8457254 False Hack,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The White House Office of the National Cyber Director (ONCD) urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities. [...]]]> 2024-02-26T16:34:42+00:00 https://www.bleepingcomputer.com/news/security/white-house-urges-devs-to-switch-to-memory-safe-programming-languages/ www.secnews.physaphae.fr/article.php?IdArticle=8455575 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Attackers are exploiting a maximum severity authentication bypass vulnerability to breach unpatched ScreenConnect servers and deploy LockBit ransomware payloads on compromised networks. [...]]]> 2024-02-22T13:34:58+00:00 https://www.bleepingcomputer.com/news/security/new-screenconnect-rce-flaw-exploited-in-ransomware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8454111 False Ransomware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. [...]]]> 2024-02-21T12:18:14+00:00 https://www.bleepingcomputer.com/news/security/screenconnect-critical-bug-now-under-attack-as-exploit-code-emerges/ www.secnews.physaphae.fr/article.php?IdArticle=8453302 False Vulnerability,Threat,Technical None 3.0000000000000000 Bleeping Computer - Magazine Américain A serious vulnerability named KeyTrap in the Domain Name System Security Extensions (DNSSEC) feature could be exploited to deny internet access to applications for an extended period. [...]]]> 2024-02-17T11:08:19+00:00 https://www.bleepingcomputer.com/news/security/keytrap-attack-internet-access-disrupted-with-one-dns-packet/ www.secnews.physaphae.fr/article.php?IdArticle=8452308 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A logic flaw between Ubuntu\'s \'command-not-found\' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users. [...]]]> 2024-02-14T11:00:14+00:00 https://www.bleepingcomputer.com/news/security/ubuntu-command-not-found-tool-can-be-abused-to-spread-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8450038 False Malware,Tool,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT). [...]]]> 2024-02-13T15:52:54+00:00 https://www.bleepingcomputer.com/news/security/hackers-used-new-windows-defender-zero-day-to-drop-darkme-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8449717 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Commercial spyware vendors (CSV) were behind 80% of the zero-day vulnerabilities Google\'s Threat Analysis Group (TAG) discovered in 2023 and used to spy on devices worldwide. [...]]]> 2024-02-06T12:27:54+00:00 https://www.bleepingcomputer.com/news/security/google-says-spyware-vendors-behind-most-zero-days-it-discovers/ www.secnews.physaphae.fr/article.php?IdArticle=8447360 False Vulnerability,Threat,Commercial None 4.0000000000000000 Bleeping Computer - Magazine Américain A new vulnerability dubbed \'LeftoverLocals\' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space. [...]]]> 2024-01-17T10:32:06+00:00 https://www.bleepingcomputer.com/news/security/amd-apple-qualcomm-gpus-leak-ai-data-in-leftoverlocals-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8439930 False Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. [...]]]> 2024-01-15T13:32:13+00:00 https://www.bleepingcomputer.com/news/security/windows-smartscreen-flaw-exploited-to-drop-phemedrone-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8439313 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers have been exploiting the two zero-day vulnerabilities in Ivanti Connect Secure disclosed this week since early December to deploy multiple families of custom malware for espionage purposes. [...]]]> 2024-01-12T10:30:18+00:00 https://www.bleepingcomputer.com/news/security/ivanti-connect-secure-zero-days-exploited-to-deploy-custom-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8438313 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity and Infrastructure Security Agency has added to its to the Known Exploited Vulnerabilities catalog six vulnerabilities that impact products from Adobe, Apache, D-Link, and Joomla. [...]]]> 2024-01-09T14:32:37+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-agencies-of-fourth-flaw-used-in-triangulation-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8437272 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Cyber Threat Intelligence (CTI) search engine Criminal IP has established a technical partnership with Tenable. Learn more from Criminal IP about how this partnership can assist in real-time vulnerability and maliciousness scans. [...]]]> 2024-01-09T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-and-tenable-partner-for-swift-vulnerability-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8437214 False Vulnerability,Threat,Technical None 2.0000000000000000 Bleeping Computer - Magazine Américain The Israel National Cyber Directorate warns of phishing emails pretending to be F5 BIG-IP zero-day security updates that deploy Windows and Linux data wipers. [...]]]> 2023-12-20T16:52:42+00:00 https://www.bleepingcomputer.com/news/security/fake-f5-big-ip-zero-day-warning-emails-push-data-wipers/ www.secnews.physaphae.fr/article.php?IdArticle=8426358 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used. [...]]]> 2023-12-19T12:03:18+00:00 https://www.bleepingcomputer.com/news/security/terrapin-attacks-can-downgrade-security-of-openssh-connections/ www.secnews.physaphae.fr/article.php?IdArticle=8425554 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A Mirai-based botnet named \'InfectedSlurs\' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm. [...]]]> 2023-12-16T11:17:34+00:00 https://www.bleepingcomputer.com/news/security/qnap-viostor-nvr-vulnerability-actively-exploited-by-malware-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=8423779 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called "5Ghoul," impact 710 5G smartphone models from Google partners (Android) and Apple, routers, and USB modems. [...]]]> 2023-12-08T10:23:53+00:00 https://www.bleepingcomputer.com/news/security/new-5ghoul-attack-impacts-5g-phones-with-qualcomm-mediatek-chips/ www.secnews.physaphae.fr/article.php?IdArticle=8420213 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about hackers actively exploiting a critical vulnerability in Adobe ColdFusion identified as CVE-2023-26360 to gain initial access to government servers. [...]]]> 2023-12-05T12:07:17+00:00 https://www.bleepingcomputer.com/news/security/hackers-breach-us-govt-agencies-using-adobe-coldfusion-exploit/ www.secnews.physaphae.fr/article.php?IdArticle=8419323 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google announced today that the December 2023 Android security updates tackle 85 vulnerabilities, including a critical severity zero-click remote code execution (RCE) bug. [...]]]> 2023-12-04T14:37:38+00:00 https://www.bleepingcomputer.com/news/security/december-android-updates-fix-critical-zero-click-rce-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8419096 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Multiple security vulnerabilities collectively named LogoFAIL affect image-parsing components in the UEFI code from various vendors. Researchers warn that they could be exploited to hijack the execution flow of the booting process and to deliver bootkits. [...]]]> 2023-11-30T22:08:26+00:00 https://www.bleepingcomputer.com/news/security/logofail-attack-can-install-uefi-bootkits-through-bootup-logos/ www.secnews.physaphae.fr/article.php?IdArticle=8418371 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Cactus ransomware has been exploiting critical vulnerabilities in the Qlik Sense data analytics solution to get initial access on corporate networks. [...]]]> 2023-11-30T12:46:34+00:00 https://www.bleepingcomputer.com/news/security/cactus-ransomware-exploiting-qlik-sense-flaws-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8418131 False Ransomware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A new Android malware named FjordPhantom has been discovered using virtualization to run malicious code in a container and evade detection. [...]]]> 2023-11-30T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/fjordphantom-android-malware-uses-virtualization-to-evade-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8418099 False Malware,Vulnerability,Mobile,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A new Mirai-based malware botnet named \'InfectedSlurs\' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices. [...]]]> 2023-11-22T12:39:04+00:00 https://www.bleepingcomputer.com/news/security/new-botnet-malware-exploits-two-zero-days-to-infect-nvrs-and-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8416022 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The Lumma information-stealer malware (aka \'LummaC2\') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts. [...]]]> 2023-11-21T14:29:05+00:00 https://www.bleepingcomputer.com/news/security/malware-dev-says-they-can-revive-expired-google-auth-cookies/ www.secnews.physaphae.fr/article.php?IdArticle=8415993 False Malware,Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. [...]]]> 2023-11-20T11:54:44+00:00 https://www.bleepingcomputer.com/news/security/kinsing-malware-exploits-apache-activemq-rce-to-plant-rootkits/ www.secnews.physaphae.fr/article.php?IdArticle=8414942 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. [...]]]> 2023-11-19T11:14:25+00:00 https://www.bleepingcomputer.com/news/security/russian-hackers-use-ngrok-feature-and-winrar-exploit-to-attack-embassies/ www.secnews.physaphae.fr/article.php?IdArticle=8414888 False Vulnerability,Threat APT 29,APT 28 3.0000000000000000 Bleeping Computer - Magazine Américain A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution. [...]]]> 2023-11-14T15:34:15+00:00 https://www.bleepingcomputer.com/news/security/new-cachewarp-amd-cpu-attack-lets-hackers-gain-root-in-linux-vms/ www.secnews.physaphae.fr/article.php?IdArticle=8412075 False Hack,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large organizations, steal data, and encrypt files. [...]]]> 2023-11-14T15:03:21+00:00 https://www.bleepingcomputer.com/news/security/lockbit-ransomware-exploits-citrix-bleed-in-attacks-10k-servers-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8412057 False Ransomware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool. [...]]]> 2023-11-10T14:57:04+00:00 https://www.bleepingcomputer.com/news/security/hackers-breach-healthcare-orgs-via-screenconnect-remote-access/ www.secnews.physaphae.fr/article.php?IdArticle=8409273 False Tool,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state\'s entire population. [...]]]> 2023-11-10T11:21:23+00:00 https://www.bleepingcomputer.com/news/security/maine-govt-notifies-13-million-people-of-moveit-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8409199 False Data Breach,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Password reuse is a difficult vulnerability for IT teams to get full visibility over. Learn more from Specops Software on how to mitigate the risk of compromised credentials. [...]]]> 2023-11-02T10:01:02+00:00 https://www.bleepingcomputer.com/news/security/your-end-users-are-reusing-passwords-thats-a-big-problem/ www.secnews.physaphae.fr/article.php?IdArticle=8404727 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices. [...]]]> 2023-10-30T23:09:43+00:00 https://www.bleepingcomputer.com/news/security/exploit-released-for-critical-cisco-ios-xe-flaw-many-hosts-still-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=8403268 False Hack,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform\'s inception. [...]]]> 2023-10-28T11:17:34+00:00 https://www.bleepingcomputer.com/news/security/hackerone-paid-ethical-hackers-over-300-million-in-bug-bounties/ www.secnews.physaphae.fr/article.php?IdArticle=8402024 False Vulnerability,Studies None 4.0000000000000000 Bleeping Computer - Magazine Américain Cisco has addressed the two vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. [...]]]> 2023-10-23T10:08:05+00:00 https://www.bleepingcomputer.com/news/security/cisco-patches-ios-xe-zero-days-used-to-hack-over-50-000-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8399320 False Hack,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. [...]]]> 2023-10-19T21:08:47+00:00 https://www.bleepingcomputer.com/news/security/over-40-000-cisco-ios-xe-devices-infected-with-backdoor-using-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8397991 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. [...]]]> 2023-10-18T18:33:02+00:00 https://www.bleepingcomputer.com/news/security/north-korean-hackers-exploit-critical-teamcity-flaw-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8397455 False Vulnerability APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain The popular D-Link DAP-X1860 WiFi 6 range extender is susceptible to a vulnerability allowing DoS (denial of service) attacks and remote command injection. [...]]]> 2023-10-09T17:53:34+00:00 https://www.bleepingcomputer.com/news/security/d-link-wifi-range-extender-vulnerable-to-command-injection-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8393385 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has released the October 2023 security updates for Android, addressing 54 unique vulnerabilities, including two known to be actively exploited. [...]]]> 2023-10-03T14:12:57+00:00 https://www.bleepingcomputer.com/news/security/android-october-security-update-fixes-zero-days-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8391100 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used projects today. [...]]]> 2023-10-01T10:16:08+00:00 https://www.bleepingcomputer.com/news/security/new-marvin-attack-revives-25-year-old-decryption-flaw-in-rsa/ www.secnews.physaphae.fr/article.php?IdArticle=8390192 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Researchers from four American universities have developed a new GPU side-channel attack that leverages data compression to leak sensitive visual data from modern graphics cards when visiting web pages. [...]]]> 2023-09-27T10:06:58+00:00 https://www.bleepingcomputer.com/news/security/modern-gpus-vulnerable-to-new-gpuzip-side-channel-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8388411 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect downloaders with the VenomRAT malware. [...]]]> 2023-09-20T10:49:34+00:00 https://www.bleepingcomputer.com/news/security/fake-winrar-proof-of-concept-exploit-drops-venomrat-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8385859 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered federal agencies today to patch security vulnerabilities abused as part of a zero-click iMessage exploit chain to infect iPhones with NSO Group\'s Pegasus spyware. [...]]]> 2023-09-11T12:21:57+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-to-secure-iphones-against-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8381417 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are exploiting two recent MinIO vulnerabilities to breach object storage systems and access private information, execute arbitrary code, and potentially take over servers. [...]]]> 2023-09-04T12:45:19+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-minio-storage-system-to-breach-corporate-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8378835 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers to infect devices. [...]]]> 2023-08-29T15:17:34+00:00 https://www.bleepingcomputer.com/news/security/dreambus-malware-exploits-rocketmq-flaw-to-infect-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8376419 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho\'s ManageEngine ServiceDesk to compromise an internet backbone infrastructure provider and healthcare organizations. [...]]]> 2023-08-24T08:31:20+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-public-manageengine-exploit-to-breach-internet-org/ www.secnews.physaphae.fr/article.php?IdArticle=8374056 False Vulnerability APT 38 2.0000000000000000 Bleeping Computer - Magazine Américain A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. [...]]]> 2023-08-23T09:53:26+00:00 https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8373658 False Malware,Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers from Italy and the UK have discovered four vulnerabilities in the TP-Link Tapo L530E smart bulb and TP-Link\'s Tapo app, which could allow attackers to steal their target\'s WiFi password. [...]]]> 2023-08-21T15:55:29+00:00 https://www.bleepingcomputer.com/news/security/tp-link-smart-bulbs-can-let-hackers-steal-your-wifi-password/ www.secnews.physaphae.fr/article.php?IdArticle=8372855 False Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the end-of-life Zyxel P660HN-T1A router in thousands of daily attacks. [...]]]> 2023-08-10T16:35:04+00:00 https://www.bleepingcomputer.com/news/security/gafgyt-malware-exploits-five-years-old-flaw-in-eol-zyxel-router/ www.secnews.physaphae.fr/article.php?IdArticle=8368560 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. [...]]]> 2023-08-08T16:15:31+00:00 https://www.bleepingcomputer.com/news/security/microsoft-office-update-breaks-actively-exploited-rce-attack-chain/ www.secnews.physaphae.fr/article.php?IdArticle=8367470 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploited a zero-day vulnerability in Salesforce\'s email services and SMTP servers to launch a sophisticated phishing campaign targeting valuable Facebook accounts. [...]]]> 2023-08-02T09:52:47+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploited-salesforce-zero-day-in-facebook-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8364752 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain Google has published its annual 0-day vulnerability report, presenting in-the-wild exploitation stats from 2022 and highlighting a long-standing problem in the Android platform that elevates the value and use of disclosed flaws for extended periods. [...]]]> 2023-07-30T10:16:08+00:00 https://www.bleepingcomputer.com/news/security/google-android-patch-gap-makes-n-days-as-dangerous-as-zero-days/ www.secnews.physaphae.fr/article.php?IdArticle=8363570 False Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway. [...]]]> 2023-07-28T15:38:41+00:00 https://www.bleepingcomputer.com/news/security/ivanti-patches-new-zero-day-exploited-in-norwegian-govt-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8362900 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA). [...]]]> 2023-07-28T12:10:51+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-breach-risks-from-idor-web-app-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8362840 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti\'s Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country. [...]]]> 2023-07-25T02:42:54+00:00 https://www.bleepingcomputer.com/news/security/norway-says-ivanti-zero-day-was-used-to-hack-govt-it-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8361085 False Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to steal sensitive data, such as passwords and encryption keys, at a rate of 30KB/sec from each CPU core. [...]]]> 2023-07-24T17:28:38+00:00 https://www.bleepingcomputer.com/news/security/zenbleed-attack-leaks-sensitive-data-from-amd-zen2-processors/ www.secnews.physaphae.fr/article.php?IdArticle=8360939 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]]]> 2023-07-21T08:51:36+00:00 https://www.bleepingcomputer.com/news/security/netscaler-adc-bug-exploited-to-breach-us-critical-infrastructure-org/ www.secnews.physaphae.fr/article.php?IdArticle=8359803 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Shutterfly, an online retail and photography manufacturing platform, is among the latest victims hit by Clop ransomware. Over the last few months, Clop ransomware gang has been exploiting a vulnerability in the MOVEit File Transfer utility to breach hundreds of companies to steal their data and attempt extortion against them. [...]]]> 2023-07-14T04:09:40+00:00 https://www.bleepingcomputer.com/news/security/shutterfly-says-clop-ransomware-attack-did-not-impact-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8356447 False Ransomware,Data Breach,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. [...]]]> 2023-07-13T14:28:48+00:00 https://www.bleepingcomputer.com/news/security/fake-linux-vulnerability-exploit-drops-data-stealing-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8356143 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA and the FBI warned today of new Truebot malware variants deployed on networks compromised using a critical remote code execution (RCE) vulnerability in the Netwrix Auditor software in attacks targeting organizations across the United States and Canada. [...]]]> 2023-07-06T12:57:17+00:00 https://www.bleepingcomputer.com/news/security/cisa-netwrix-auditor-rce-bug-exploited-in-truebot-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8352977 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Siemens Energy has confirmed that data was stolen during the recent Clop ransomware data-theft attacks using a zero-day vulnerability in the MOVEit Transfer platform. [...]]]> 2023-06-27T14:11:47+00:00 https://www.bleepingcomputer.com/news/security/siemens-energy-confirms-data-breach-after-moveit-data-theft-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8349845 False Ransomware,Data Breach,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A new DDoS-as-a-Service botnet called "Condi" emerged in May 2023, exploiting a vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to build an army of bots to conduct attacks. [...]]]> 2023-06-20T17:06:17+00:00 https://www.bleepingcomputer.com/news/security/new-condi-malware-builds-ddos-botnet-out-of-tp-link-ax21-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8347473 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was exploited to breach multiple companies\' servers and steal data. [...]]]> 2023-06-05T17:27:12+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-moveit-extortion-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8342301 False Ransomware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain KeePass has released version 2.54, fixing the CVE-2023-3278 vulnerability that allows the extraction of the cleartext master password from the application\'s memory. [...]]]> 2023-06-05T10:15:30+00:00 https://www.bleepingcomputer.com/news/security/keepass-v254-fixes-bug-that-leaked-cleartext-master-password/ www.secnews.physaphae.fr/article.php?IdArticle=8342200 False Vulnerability None 1.00000000000000000000 Bleeping Computer - Magazine Américain Russian cybersecurity firm Kaspersky says some iPhones on its network were hacked using an iOS vulnerability that installed malware via iMessage zero-click exploits. Russia blames these attacks on US intelligence agencies. [...]]]> 2023-06-01T12:11:28+00:00 https://www.bleepingcomputer.com/news/security/russia-says-us-hacked-thousands-of-iphones-in-ios-zero-click-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8341261 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers\' Email Security Gateway (ESG) appliances with custom malware and steal data. [...]]]> 2023-05-30T16:25:22+00:00 https://www.bleepingcomputer.com/news/security/barracuda-zero-day-abused-since-2022-to-drop-new-malware-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8340632 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Apple has recently addressed a vulnerability that lets attackers with root privileges bypass System Integrity Protection (SIP) to install "undeletable" malware and access the victim\'s private data by circumventing Transparency, Consent, and Control (TCC) security checks. [...]]]> 2023-05-30T15:20:41+00:00 https://www.bleepingcomputer.com/news/security/microsoft-finds-macos-bug-that-lets-hackers-bypass-sip-root-restrictions/ www.secnews.physaphae.fr/article.php?IdArticle=8340614 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA warned of a recently patched zero-day vulnerability exploited last week to hack into Barracuda Email Security Gateway (ESG) appliances. [...]]]> 2023-05-27T12:14:25+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-govt-agencies-of-recently-patched-barracuda-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8339903 False Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration. [...]]]> 2023-05-26T10:56:41+00:00 https://www.bleepingcomputer.com/news/security/emby-shuts-down-user-media-servers-hacked-in-recent-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8339613 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has launched the Mobile Vulnerability Rewards Program (Mobile VRP), a new bug bounty program that will pay security researchers for flaws found in the company\'s Android applications. [...]]]> 2023-05-22T17:18:38+00:00 https://www.bleepingcomputer.com/news/google/google-launches-bug-bounty-program-for-its-android-applications/ www.secnews.physaphae.fr/article.php?IdArticle=8338534 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection. [...]]]> 2023-05-19T15:07:51+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-samsung-aslr-bypass-flaw-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8337965 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has released security updates to address a Secure Boot zero-day vulnerability exploited by BlackLotus UEFI malware to infect fully patched Windows systems. [...]]]> 2023-05-09T14:45:48+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-issues-optional-fix-for-secure-boot-zero-day-used-by-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8335008 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Android security updates released this month patch a high-severity vulnerability exploited as a zero-day to install commercial spyware on compromised devices. [...]]]> 2023-05-05T13:45:15+00:00 https://www.bleepingcomputer.com/news/security/new-android-updates-fix-kernel-bug-exploited-in-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8333840 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Pediatric mental health provider Brightline is warning patients that it suffered a data breach impacting 783,606 people after a ransomware gang stole data using a zero-day vulnerability in its Fortra GoAnywhere MFT secure file-sharing platform. [...]]]> 2023-05-03T10:33:29+00:00 https://www.bleepingcomputer.com/news/security/brightline-data-breach-impacts-783k-pediatric-mental-health-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8333169 False Ransomware,Data Breach,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate devices into DDoS (distributed denial of service) swarms. [...]]]> 2023-04-25T07:45:00+00:00 https://www.bleepingcomputer.com/news/security/tp-link-archer-wifi-router-flaw-exploited-by-mirai-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8330897 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a high-severity Android vulnerability believed to have been exploited by a Chinese e-commerce app Pinduoduo as a zero-day to spy on its users. [...]]]> 2023-04-16T10:08:23+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-android-bug-exploited-by-chinese-app-to-spy-on-users/ www.secnews.physaphae.fr/article.php?IdArticle=8328422 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain A 10-year-old Windows vulnerability is still being exploited in attacks to make it appear that executables are legitimately signed, with the fix from Microsoft still "opt-in" after all these years. Even worse, the fix is removed after upgrading to Windows 11. [...]]]> 2023-03-31T10:38:23+00:00 https://www.bleepingcomputer.com/news/microsoft/10-year-old-windows-bug-with-opt-in-fix-exploited-in-3cx-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8323780 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company\'s customers in an ongoing supply chain attack. [...]]]> 2023-03-29T18:46:47+00:00 https://www.bleepingcomputer.com/news/security/hackers-compromise-3cx-desktop-app-in-a-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8323303 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-03-14T16:43:43+00:00 https://www.bleepingcomputer.com/news/security/rubrik-confirms-data-theft-in-goanywhere-zero-day-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8318623 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-03-11T11:28:14+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-plex-bug-after-lastpass-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8317619 False Vulnerability LastPass,LastPass 3.0000000000000000 Bleeping Computer - Magazine Américain 2023-03-08T13:13:30+00:00 https://www.bleepingcomputer.com/news/security/veeam-fixes-bug-that-lets-hackers-breach-backup-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8316748 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-02-22T16:17:06+00:00 https://www.bleepingcomputer.com/news/security/google-paid-12-million-in-bug-bounties-to-security-researchers/ www.secnews.physaphae.fr/article.php?IdArticle=8312589 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain 2023-02-14T11:26:54+00:00 https://www.bleepingcomputer.com/news/security/healthcare-giant-chs-reports-first-data-breach-in-goanywhere-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8310113 False Data Breach,Vulnerability None 2.0000000000000000