This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T15:13:24+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. [...]]]> 2025-05-07T10:45:19+00:00 https://www.bleepingcomputer.com/news/security/play-ransomware-exploited-windows-logging-flaw-in-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8672809 False Ransomware,Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. [...]]]> 2025-05-06T13:10:23+00:00 https://www.bleepingcomputer.com/news/security/samsung-magicinfo-9-server-rce-flaw-now-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8672397 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitigations as soon as possible. [...]]]> 2025-05-06T12:05:10+00:00 https://www.bleepingcomputer.com/news/security/critical-langflow-rce-flaw-exploited-to-hack-ai-app-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8672356 False Hack,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has released the May 2025 security updates for Android with fixes for 45 security flaws, including an actively exploited zero-click FreeType 2 code execution vulnerability. [...]]]> 2025-05-06T09:33:38+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-actively-exploited-freetype-flaw-on-android/ www.secnews.physaphae.fr/article.php?IdArticle=8672310 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Google\'s Threat Intelligence Group (GTIG) says attackers exploited 75 zero-day vulnerabilities in the wild last year, over 50% of which were linked to spyware attacks. [...]]]> 2025-04-29T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-97-zero-days-exploited-in-2024-over-50-percent-in-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8669519 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. [...]]]> 2025-04-25T15:44:35+00:00 https://www.bleepingcomputer.com/news/security/craft-cms-rce-exploit-chain-used-in-zero-day-attacks-to-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8667814 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft announced an increase in bug bounty payouts to $30,000 for AI vulnerabilities found in Dynamics 365 and Power Platform services and products. [...]]]> 2025-04-24T11:06:59+00:00 https://www.bleepingcomputer.com/news/microsoft/Microsoft now pays up to $30,000 for some AI vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8667210 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft announced an increase in bug bounty payouts to $30,000 for AI vulnerabilities found in Dynamics 365 and Power Platform services and products. [...]]]> 2025-04-24T11:06:59+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-now-pays-up-to-30-000-for-some-ai-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8667240 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Phishing attacks now evade email filters, proxies, and MFA - making every attack feel like a zero-day. This article from Push Security breaks down why detection is failing and how real-time, in-browser analysis can help turn the tide. [...]]]> 2025-04-23T10:02:12+00:00 https://www.bleepingcomputer.com/news/security/phishing-detection-is-broken-why-most-attacks-feel-like-a-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8666689 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A Windows vulnerability that exposes NTLM hashes using .library-ms files is now actively exploited by hackers in phishing campaigns targeting government entities and private companies. [...]]]> 2025-04-17T15:20:39+00:00 https://www.bleepingcomputer.com/news/security/windows-ntlm-hash-leak-flaw-exploited-in-phishing-attacks-on-governments/ www.secnews.physaphae.fr/article.php?IdArticle=8664194 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks. [...]]]> 2025-04-14T19:16:03+00:00 https://www.bleepingcomputer.com/news/security/hertz-confirms-customer-info-drivers-licenses-stolen-in-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8662867 False Data Breach,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Security shouldn\'t wait until the end of development. Wazuh brings real-time threat detection, compliance, and vulnerability scanning into your DevOps pipeline-powering a stronger DevSecOps strategy from day one. Learn more about how Wazuh can help secure your development cycle. [...]]]> 2025-04-14T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/enhancing-your-devsecops-with-wazuh-the-open-source-xdr-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8662721 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploited a vulnerability in Gladinet CentreStack\'s secure file-sharing software as a zero-day since March to breach storage servers [...]]]> 2025-04-09T11:38:30+00:00 https://www.bleepingcomputer.com/news/security/centrestack-rce-exploited-as-zero-day-to-breach-file-sharing-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8661172 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has released patches for 62 vulnerabilities in Android\'s April 2025 security update, including two zero-days exploited in targeted attacks. [...]]]> 2025-04-07T13:55:51+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-android-zero-days-exploited-in-attacks-60-other-flaws/ www.secnews.physaphae.fr/article.php?IdArticle=8660788 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. [...]]]> 2025-04-03T13:43:34+00:00 https://www.bleepingcomputer.com/news/security/ivanti-patches-connect-secure-zero-day-exploited-since-mid-march/ www.secnews.physaphae.fr/article.php?IdArticle=8660092 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Artificial intelligence company OpenAI has announced a fivefold increase in the maximum bug bounty rewards for "exceptional and differentiated" critical security vulnerabilities from $20,000 to $100,000. [...]]]> 2025-03-28T13:54:48+00:00 https://www.bleepingcomputer.com/news/security/openai-now-pays-researchers-100-000-for-critical-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8658925 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Dozens of vulnerabilities in products from three leading makers of solar inverters, Sungrow, Growatt, and SMA, could be exploited to control devices or execute code remotely on the vendor\'s cloud platform. [...]]]> 2025-03-27T08:00:05+00:00 https://www.bleepingcomputer.com/news/security/dozens-of-solar-inverter-flaws-could-be-exploited-to-attack-power-grids/ www.secnews.physaphae.fr/article.php?IdArticle=8658551 False Vulnerability,Cloud None 4.0000000000000000 Bleeping Computer - Magazine Américain ​Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser\'s sandbox and deploy malware in espionage attacks targeting Russian organizations. [...]]]> 2025-03-26T02:42:48+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-exploited-in-espionage-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8658255 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025-23120 in its Backup & Replication software that impacts domain-joined installations. [...]]]> 2025-03-20T19:30:38+00:00 https://www.bleepingcomputer.com/news/security/veeam-rce-bug-lets-domain-users-hack-backup-servers-patch-now/ www.secnews.physaphae.fr/article.php?IdArticle=8657064 False Hack,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon\'s Graphite spyware following reports from security researchers at the University of Toronto\'s Citizen Lab. [...]]]> 2025-03-19T12:02:20+00:00 https://www.bleepingcomputer.com/news/security/whatsapp-patched-zero-day-flaw-used-in-paragon-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8656719 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. [...]]]> 2025-03-18T13:11:24+00:00 https://www.bleepingcomputer.com/news/security/new-windows-zero-day-exploited-by-11-state-hacking-groups-since-2017/ www.secnews.physaphae.fr/article.php?IdArticle=8656512 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company\'s Vulnerability Reward Program (VRP) in 2024. [...]]]> 2025-03-10T11:36:01+00:00 https://www.bleepingcomputer.com/news/security/google-paid-12-million-in-bug-bounties-last-year-to-security-researchers/ www.secnews.physaphae.fr/article.php?IdArticle=8654893 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. [...]]]> 2025-03-07T13:36:48+00:00 https://www.bleepingcomputer.com/news/security/unpatched-edimax-ip-camera-flaw-actively-exploited-in-botnet-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8654574 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has released patches for 43 vulnerabilities in Android\'s March 2025 security update, including two zero-days. Serbian authorities have used one of the zero-days to unlock confiscated devices. [...]]]> 2025-03-04T06:38:22+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-android-zero-days-exploited-in-targeted-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8653383 False Vulnerability,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. [...]]]> 2025-02-28T11:27:18+00:00 https://www.bleepingcomputer.com/news/security/serbian-police-used-cellebrite-zero-day-hack-to-unlock-android-phones/ www.secnews.physaphae.fr/article.php?IdArticle=8652025 False Hack,Vulnerability,Threat,Legislation,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach devices in active attacks. [...]]]> 2025-02-19T10:38:29+00:00 https://www.bleepingcomputer.com/news/security/palo-alto-networks-tags-new-firewall-bug-as-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8649017 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain OpenSSH has released security updates addressing two vulnerabilities, a machine-in-the-middle (MitM) and a denial of service flaw, with one of the flaws introduced over a decade ago. [...]]]> 2025-02-18T12:07:56+00:00 https://www.bleepingcomputer.com/news/security/new-openssh-flaws-expose-ssh-servers-to-mitm-and-dos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8648887 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Rapid7\'s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. [...]]]> 2025-02-14T09:15:47+00:00 https://www.bleepingcomputer.com/news/security/postgresql-flaw-exploited-as-zero-day-in-beyondtrust-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8648500 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has fixed two vulnerabilities that, when chained together, could expose the email addresses of YouTube accounts, causing a massive privacy breach for those using the site anonymously. [...]]]> 2025-02-12T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-flaw-that-could-unmask-youtube-users-email-addresses/ www.secnews.physaphae.fr/article.php?IdArticle=8648236 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Fortinet warned today that attackers are exploiting another authentication bypass zero-day bug in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. [...]]]> 2025-02-11T13:56:13+00:00 https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-zero-day-exploited-to-hijack-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8648107 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Microsoft announced over the weekend that it has expanded its Microsoft Copilot (AI) bug bounty program and increased payouts for moderate severity vulnerabilities. [...]]]> 2025-02-10T10:00:34+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-raises-rewards-for-copilot-ai-bug-bounty-program/ www.secnews.physaphae.fr/article.php?IdArticle=8647869 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial network access. [...]]]> 2025-02-07T13:42:44+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-cityworks-rce-bug-to-breach-microsoft-iis-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8647472 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild. [...]]]> 2025-02-03T15:10:22+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8646654 False Vulnerability,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. [...]]]> 2025-01-29T19:55:06+00:00 https://www.bleepingcomputer.com/news/security/new-aquabotv3-botnet-malware-targets-mitel-command-injection-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8644524 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are believed to be exploiting recently fixed SimpleHelp Remote Monitoring and Management (RMM) software vulnerabilities to gain initial access to target networks. [...]]]> 2025-01-28T16:49:41+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8644007 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. [...]]]> 2025-01-14T10:24:27+00:00 https://www.bleepingcomputer.com/news/security/fortinet-warns-of-auth-bypass-zero-day-exploited-to-hijack-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8637200 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. [...]]]> 2025-01-13T11:50:12+00:00 https://www.bleepingcomputer.com/news/security/uk-domain-registry-nominet-confirms-breach-via-ivanti-zero-day-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8636780 False Vulnerability,Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called \'Dryhook\' and \'Phasejam\' that is not currently associated with any threat group. [...]]]> 2025-01-09T11:11:20+00:00 https://www.bleepingcomputer.com/news/security/google-chinese-hackers-likely-behind-ivanti-vpn-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8635336 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. [...]]]> 2025-01-08T15:43:34+00:00 https://www.bleepingcomputer.com/news/security/ivanti-warns-of-new-connect-secure-flaw-used-in-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8635045 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. [...]]]> 2024-12-27T11:33:21+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-dos-flaw-to-disable-palo-alto-networks-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8630648 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new Mirai-based malware campaign is actively exploiting unpatched vulnerabilities in Internet of Things (IoT) devices, including DigiEver DS-2105 Pro DVRs. [...]]]> 2024-12-24T15:04:03+00:00 https://www.bleepingcomputer.com/news/security/new-botnet-exploits-vulnerabilities-in-nvrs-tp-link-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8629612 False Malware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named \'NoviSpy,\' used to spy on activists, journalists, and protestors. [...]]]> 2024-12-16T10:06:16+00:00 https://www.bleepingcomputer.com/news/security/new-android-novispy-spyware-linked-to-qualcomm-zero-day-bugs/ www.secnews.physaphae.fr/article.php?IdArticle=8626085 False Vulnerability,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. [...]]]> 2024-12-15T15:15:00+00:00 https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-cleo-data-theft-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8625694 False Ransomware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain US Bitcoin ATM operator Byte Federal has disclosed a data breach that exposed the data of 58,000 customers after its systems were breached using a GitLab vulnerability. [...]]]> 2024-12-12T11:02:37+00:00 https://www.bleepingcomputer.com/news/security/bitcoin-atm-firm-byte-federal-hacked-via-gitlab-flaw-58k-users-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8624098 False Data Breach,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. [...]]]> 2024-12-10T10:09:52+00:00 https://www.bleepingcomputer.com/news/security/new-cleo-zero-day-rce-flaw-exploited-in-data-theft-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8622919 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. [...]]]> 2024-11-26T17:30:00+00:00 https://www.bleepingcomputer.com/news/security/new-nachovpn-attack-uses-rogue-vpn-servers-to-install-malicious-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8617949 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain America\'s Cyber Defense Agency has received evidence of hackers actively exploiting a remote code execution vulnerability in SSL VPN products Array Networks AG and vxAG ArrayOS. [...]]]> 2024-11-26T08:26:33+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-bug-in-array-networks-ssl-vpn-products/ www.secnews.physaphae.fr/article.php?IdArticle=8617877 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerability vulnerabilities. [...]]]> 2024-11-21T14:46:48+00:00 https://www.bleepingcomputer.com/news/security/over-2-000-palo-alto-firewalls-hacked-using-recently-patched-bugs/ www.secnews.physaphae.fr/article.php?IdArticle=8615616 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The new \'Helldown\' ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. [...]]]> 2024-11-19T12:00:32+00:00 https://www.bleepingcomputer.com/news/security/helldown-ransomware-exploits-zyxel-vpn-flaw-to-breach-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8614187 False Ransomware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Israeli surveillance firm NSO Group reportedly used multiple zero-day exploits, including an unknown one named "Erised," that leveraged WhatsApp vulnerabilities to deploy Pegasus spyware in zero-click attacks, even after getting sued. [...]]]> 2024-11-15T17:04:18+00:00 https://www.bleepingcomputer.com/news/security/nso-group-used-another-whatsapp-zero-day-after-being-sued-court-docs-say/ www.secnews.physaphae.fr/article.php?IdArticle=8611942 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. [...]]]> 2024-11-15T14:39:01+00:00 https://www.bleepingcomputer.com/news/security/botnet-exploits-geovision-zero-day-to-install-mirai-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8611890 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. [...]]]> 2024-11-08T12:48:19+00:00 https://www.bleepingcomputer.com/news/security/unpatched-mazda-connect-bugs-let-hackers-install-persistent-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8608212 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. [...]]]> 2024-11-05T09:30:58+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-two-android-zero-days-used-in-targeted-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8606468 False Vulnerability,Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. [...]]]> 2024-11-02T11:19:30+00:00 https://www.bleepingcomputer.com/news/security/microsoft-sharepoint-rce-bug-exploited-to-breach-corporate-network/ www.secnews.physaphae.fr/article.php?IdArticle=8605274 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware attack that took almost all instances offline. [...]]]> 2024-10-29T15:15:05+00:00 https://www.bleepingcomputer.com/news/security/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances/ www.secnews.physaphae.fr/article.php?IdArticle=8603413 False Ransomware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. [...]]]> 2024-10-29T13:35:13+00:00 https://www.bleepingcomputer.com/news/security/qnap-fixes-nas-backup-software-zero-day-exploited-at-pwn2own/ www.secnews.physaphae.fr/article.php?IdArticle=8603375 False Hack,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with the RokRAT malware and exfiltrate data. [...]]]> 2024-10-16T09:59:12+00:00 https://www.bleepingcomputer.com/news/security/malicious-ads-exploited-internet-explorer-zero-day-to-drop-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8598745 False Malware,Vulnerability,Threat APT 37 2.0000000000000000 Bleeping Computer - Magazine Américain The Browser Company has introduced an Arc Bug Bounty Program to encourage security researchers to report vulnerabilities to the project and receive rewards. [...]]]> 2024-10-01T18:33:38+00:00 https://www.bleepingcomputer.com/news/security/arc-browser-launches-bug-bounty-program-after-fixing-rce-bug/ www.secnews.physaphae.fr/article.php?IdArticle=8589980 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Cloud hosting provider Rackspace suffered a data breach exposing "limited" customer monitoring data after threat actors exploited a zero-day vulnerability in a third-party tool used by the ScienceLogic SL1 platform. [...]]]> 2024-10-01T15:30:04+00:00 https://www.bleepingcomputer.com/news/security/rackspace-monitoring-data-stolen-in-sciencelogic-zero-day-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8589882 False Data Breach,Tool,Vulnerability,Threat,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain The percentage of Android vulnerabilities caused by memory safety issues has dropped from 76% in 2019 to only 24% in 2024, representing a massive decrease of over 68% in five years. [...]]]> 2024-09-25T13:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-sees-68-percent-drop-in-android-memory-safety-flaws-over-5-years/ www.secnews.physaphae.fr/article.php?IdArticle=8585016 False Vulnerability,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are subscribed to email notifications from it. A malicious GitHub user opens a new "issue" on an open source repository falsely claiming that the project contains a "security vulnerability." [...]]]> 2024-09-19T07:07:38+00:00 https://www.bleepingcomputer.com/news/security/clever-github-scanner-campaign-abusing-repos-to-push-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8579545 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Learn about the top 4 security automation use cases that can streamline your cybersecurity efforts. This guide covers reducing enriching indicators of compromise (IoCs), monitoring external attack surface(s), scanning for web application vulnerabilities and monitoring for leaked user credentials - specifically email addresses. [...]]]> 2024-09-18T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/4-top-security-automation-use-cases-a-detailed-guide/ www.secnews.physaphae.fr/article.php?IdArticle=8579199 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain ​CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the Void Banshee APT hacking group. [...]]]> 2024-09-16T15:53:34+00:00 https://www.bleepingcomputer.com/news/security/cisa-warns-of-windows-flaw-used-in-infostealer-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8577921 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the devices using hardcoded credentials. [...]]]> 2024-09-16T10:24:54+00:00 https://www.bleepingcomputer.com/news/security/d-link-fixes-critical-rce-hardcoded-password-flaws-in-wifi-6-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8577773 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims\' networks. [...]]]> 2024-09-09T17:50:13+00:00 https://www.bleepingcomputer.com/news/security/critical-sonicwall-sslvpn-bug-exploited-in-ransomware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8573460 False Ransomware,Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has released the September 2024 Android security updates to fix 34 vulnerabilities, including CVE-2024-32896, an actively exploited elevation of privilege flaw that was previously fixed on Pixel devices. [...]]]> 2024-09-04T11:16:22+00:00 https://www.bleepingcomputer.com/news/security/google-backports-fix-for-pixel-eop-flaw-to-other-android-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8569780 False Vulnerability,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. [...]]]> 2024-08-29T11:46:45+00:00 https://www.bleepingcomputer.com/news/security/malware-exploits-5-year-old-zero-day-to-infect-end-of-life-ip-cameras/ www.secnews.physaphae.fr/article.php?IdArticle=8566272 False Malware,Vulnerability,Threat None 4.0000000000000000 Bleeping Computer - Magazine Américain The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office to install the SpyGlace backdoor on East Asian targets. [...]]]> 2024-08-28T18:50:15+00:00 https://www.bleepingcomputer.com/news/security/apt-c-60-hackers-exploited-wps-office-zero-day-to-deploy-spyglace-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8565722 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google has more than doubled payouts for Google Chrome security flaws reported through its Vulnerability Reward Program, with the maximum possible reward for a single bug now exceeding $250,000. [...]]]> 2024-08-28T13:00:00+00:00 https://www.bleepingcomputer.com/news/google/google-increases-chrome-bug-bounty-rewards-up-to-250-000/ www.secnews.physaphae.fr/article.php?IdArticle=8565562 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks. [...]]]> 2024-08-27T10:00:00+00:00 https://www.bleepingcomputer.com/news/security/chinese-volt-typhoon-hackers-exploited-versa-zero-day-to-breach-isps-msps/ www.secnews.physaphae.fr/article.php?IdArticle=8564715 False Vulnerability,Threat Guam 3.0000000000000000 Bleeping Computer - Magazine Américain Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university\'s Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). [...]]]> 2024-08-20T13:49:02+00:00 https://www.bleepingcomputer.com/news/security/hackers-use-php-exploit-to-backdoor-windows-systems-with-new-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8560955 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that becomes nearly undetectable. [...]]]> 2024-08-09T12:56:15+00:00 https://www.bleepingcomputer.com/news/security/new-amd-sinkclose-flaw-helps-install-nearly-undetectable-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8554789 False Malware,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers. [...]]]> 2024-08-08T15:01:30+00:00 https://www.bleepingcomputer.com/news/security/exploit-released-for-cisco-ssm-bug-allowing-admin-password-changes/ www.secnews.physaphae.fr/article.php?IdArticle=8554239 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain SafeBreach security researcher Alon Leviev discovered a Windows Update downgrade attack that can "unpatch" fully-updated Windows 10, Windows 11, and Windows Server systems to reintroduce old vulnerabilities [...]]]> 2024-08-07T16:24:33+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-update-downgrade-attack-unpatches-fully-updated-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8553636 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Android security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. [...]]]> 2024-08-05T18:40:48+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-targeted-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8552382 False Vulnerability,Threat,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain A novel Linux Kernel cross-cache attack named SLUBStick has a 99% success in converting a limited heap vulnerability into an arbitrary memory read-and-write capability, letting the researchers elevate privileges or escape containers. [...]]]> 2024-08-03T11:17:28+00:00 https://www.bleepingcomputer.com/news/security/linux-kernel-impacted-by-new-slubstick-cross-cache-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8550825 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain The United Kingdom\'s Information Commissioner\'s Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. [...]]]> 2024-07-30T08:00:06+00:00 https://www.bleepingcomputer.com/news/security/uk-govt-links-2021-electoral-commission-breach-to-exchange-server/ www.secnews.physaphae.fr/article.php?IdArticle=8547235 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain A Telegram for Android zero-day vulnerability dubbed \'EvilVideo\' allowed attackers to send malicious Android APK payloads disguised as video files. [...]]]> 2024-07-22T10:41:55+00:00 https://www.bleepingcomputer.com/news/security/telegram-zero-day-allowed-sending-malicious-android-apks-as-videos/ www.secnews.physaphae.fr/article.php?IdArticle=8542080 False Vulnerability,Threat,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Cisco has fixed a maximum severity vulnerability that allows attackers to change any user\'s password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators. [...]]]> 2024-07-17T13:31:09+00:00 https://www.bleepingcomputer.com/news/security/cisco-ssm-on-prem-bug-lets-hackers-change-any-users-password/ www.secnews.physaphae.fr/article.php?IdArticle=8539014 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has announced a fivefold increase in payouts for bugs found in its systems and applications reported through its Vulnerability Reward Program, with a new maximum bounty of $151,515 for a single security flaw. [...]]]> 2024-07-11T14:17:56+00:00 https://www.bleepingcomputer.com/news/security/google-increases-bug-bounty-rewards-five-times-up-to-151k/ www.secnews.physaphae.fr/article.php?IdArticle=8535179 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft fixed a Windows zero-day vulnerability that has been actively exploited in attacks for eighteen months to launch malicious scripts while bypassing built-in security features. [...]]]> 2024-07-10T12:04:16+00:00 https://www.bleepingcomputer.com/news/security/windows-mshtml-zero-day-used-in-malware-attacks-for-over-a-year/ www.secnews.physaphae.fr/article.php?IdArticle=8534359 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches. [...]]]> 2024-07-01T13:46:56+00:00 https://www.bleepingcomputer.com/news/security/cisco-warns-of-nx-os-zero-day-exploited-to-deploy-custom-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8529302 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Modern Intel processors, including chips from the Raptor Lake and the Alder Lake generations are susceptible to a new type of a high-precision Branch Target Injection (BTI) attack dubbed \'Indirector,\' which could be used to steal sensitive information from the CPU. [...]]]> 2024-07-01T10:24:12+00:00 https://www.bleepingcomputer.com/news/security/latest-intel-cpus-impacted-by-new-indirector-side-channel-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8529303 False Vulnerability None 4.0000000000000000 Bleeping Computer - Magazine Américain Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day. [...]]]> 2024-06-12T15:06:16+00:00 https://www.bleepingcomputer.com/news/security/google-patches-exploited-android-zero-day-on-pixel-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8517339 False Vulnerability,Threat,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Check Point has released hotfixes for a VPN zero-day vulnerability exploited in attacks to gain remote access to firewalls and attempt to breach corporate networks. [...]]]> 2024-05-29T09:31:37+00:00 https://www.bleepingcomputer.com/news/security/check-point-releases-emergency-fix-for-vpn-zero-day-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8509314 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The Norwegian National Cyber Security Centre (NCSC) recommends replacing SSLVPN/WebVPN solutions with alternatives due to the repeated exploitation of related vulnerabilities in edge network devices to breach corporate networks. [...]]]> 2024-05-16T15:07:45+00:00 https://www.bleepingcomputer.com/news/security/norway-recommends-replacing-ssl-vpn-to-prevent-breaches/ www.secnews.physaphae.fr/article.php?IdArticle=8501129 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Microsoft has fixed a zero-day vulnerability exploited in attacks to deliver QakBot and other malware payloads on vulnerable Windows systems. [...]]]> 2024-05-14T14:18:05+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-zero-day-exploited-in-qakbot-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8499741 False Malware,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain ​CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. [...]]]> 2024-05-01T12:29:36+00:00 https://www.bleepingcomputer.com/news/security/cisa-says-gitlab-account-takeover-bug-is-actively-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8491933 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has increased rewards for reporting remote code execution vulnerabilities within select Android apps by ten times, from $30,000 to $300,000, with the maximum reward reaching $450,000 for exceptional quality reports. [...]]]> 2024-04-30T14:33:51+00:00 https://www.bleepingcomputer.com/news/security/google-now-pays-up-to-450-000-for-rce-bugs-in-some-android-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8491419 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. [...]]]> 2024-04-24T13:07:51+00:00 https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8488121 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution. [...]]]> 2024-04-16T15:52:14+00:00 https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-flaws-in-its-avalanche-mdm-solution/ www.secnews.physaphae.fr/article.php?IdArticle=8483648 False Vulnerability,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. [...]]]> 2024-04-13T08:35:15+00:00 https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8481394 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. [...]]]> 2024-04-09T18:06:06+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-two-windows-zero-days-exploited-in-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8478933 False Malware,Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain A Romanian botnet group named \'RUBYCARP\' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain. [...]]]> 2024-04-09T11:30:06+00:00 https://www.bleepingcomputer.com/news/security/rubycarp-hackers-linked-to-10-year-old-cryptomining-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=8478768 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Newly discovered HTTP/2 protocol vulnerabilities called "CONTINUATION Flood" can lead to denial of service (DoS) attacks, crashing web servers with a single TCP connection in some implementations. [...]]]> 2024-04-04T11:28:55+00:00 https://www.bleepingcomputer.com/news/security/new-http-2-dos-attack-can-crash-web-servers-with-a-single-connection/ www.secnews.physaphae.fr/article.php?IdArticle=8475966 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways. [...]]]> 2024-04-03T13:29:32+00:00 https://www.bleepingcomputer.com/news/security/ivanti-fixes-vpn-gateway-vulnerability-allowing-rce-dos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8475367 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. [...]]]> 2024-04-01T11:00:28+00:00 https://www.bleepingcomputer.com/news/security/shopping-platform-pandabuy-data-leak-impacts-13-million-users/ www.secnews.physaphae.fr/article.php?IdArticle=8474071 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s Threat Analysis Group (TAG) and Google subsidiary Mandiant said they\'ve observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients. [...]]]> 2024-03-27T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-spyware-vendors-behind-50-percent-of-zero-days-exploited-in-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8471385 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies. [...]]]> 2024-03-26T14:51:32+00:00 https://www.bleepingcomputer.com/news/security/hackers-exploit-ray-framework-flaw-to-breach-servers-hijack-resources/ www.secnews.physaphae.fr/article.php?IdArticle=8470917 False Vulnerability,Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers. [...]]]> 2024-03-20T13:08:58+00:00 https://www.bleepingcomputer.com/news/security/ivanti-fixes-critical-standalone-sentry-bug-reported-by-nato/ www.secnews.physaphae.fr/article.php?IdArticle=8467447 False Vulnerability None 3.0000000000000000