🔓 Hacking & Pentest

Dernière mise à jour : 06/04/2026 à 07:54 UTC · 156 articles · 20 derniers par source

← Retour Veille 🛡 Sécurité 📰 Presse 🖥 Presse IT 📱 Numérique

🎯 Pentest

Null Byte (WonderHowTo) (20 articles)

How Hackers Can Control Anything Remotely Using LoRa Modules
08/03/2025 06:38
LoRa (long-range) technology is widely used in IoT applications because it can transmit data over long distances without requiring internet access. Because of its long range and low power consumption, LoRa can be used to remotely control devices — even from miles away. Hackers and security resear...
Hacking the Skies: How a $20 Device Can Spoof Drone IDs and Create Ghost Swarms
21/02/2025 17:00
As drone technology continues to evolve, so do the systems designed to track and regulate them. One such system is Open Drone ID, an FAA-recognized remote identification protocol that allows drones to broadcast telemetry and identification data, similar to ADS-B for airplanes. While this was impl...
Create Your Own Ethical Hacking Kit with a Raspberry Pi 5
07/02/2025 17:36
If you started your ethical hacking journey with our recommended Raspberry Pi 3 B+ setup, it's time to consider upgrading your beginner's ethical hacking kit to the Raspberry Pi 5 for even better performance and capabilities. After a nearly four-year hiatus, Kody Kinzie returns as the host of Nul...
How to Get Unlimited Free Trials Using a "Real" Fake Credit Card Number
12/01/2024 19:10
When I see the words "free trial," I know I'm probably going to have to whip out my credit card and enter in the number to "not get charged." Then I end up forgetting about the trial and want to kick myself in the ass when I see my statement at the end of the month. In order to avoid that rigmaro...
How to Discover & Attack Raspberry Pis Using Default Credentials with Rpi-hunter
11/09/2023 17:33
When setting up a Raspberry Pi, it's easy to overlook changing the default password. Like many IoT devices, the Raspberry Pi's default Raspbian operating system installs with a widely-known default password, leaving the device vulnerable to remote access. Using a tool called rpi-hunter, hackers c...
How to Set Up a Wi-Fi Spy Camera with an ESP32-CAM
22/06/2021 14:33
The ESP32-CAM is a convenient little camera module with a lot of built-in power, and you can turn one into an inconspicuous spy camera to hide in any room. There's only one issue: it does omit a USB port. That makes it a little harder to program, but with an ESP32-based board, FTDI programmer, an...
These High-Quality Courses Are Only $49.99
08/06/2021 16:56
Project managers — and those hoping to become one — should rejoice at this killer deal. The Project Manager's Essential Certification Bundle Ft. Scrum, Agile & PMP usually runs for $1,990 but is only $49.99 for a limited time. The bundle features training on all the essential tools highly efficie...
How to Perform Advanced Man-in-the-Middle Attacks with Xerosploit
08/06/2021 16:44
A man-in-the-middle attack, or MitM attack, is when a hacker gets on a network and forces all nearby devices to connect to their machine directly. This lets them spy on traffic and even modify certain things. Bettercap is one tool that can be used for these types of MitM attacks, but Xerosploit c...
Unlock Facial Detection & Recognition on the Inexpensive ESP32-Based Wi-Fi Spy Camera
28/05/2021 23:11
If you've recently built a Wi-Fi spy camera out of an ESP32-CAM, you can use it for a variety of things. A baby monitor at night, a security camera for catching package thieves, a hidden video streamer to catch someone going somewhere they shouldn't be — you could use it for pretty much anything....
The Best-Selling VPN Is Now on Sale
28/05/2021 23:09
The ability to browse the web in coffee shops, libraries, airports, and practically anywhere else you can imagine is more than convenient, but convenience has risks. Using public Wi-Fi allows others to spy on you easily. Even your own internet service provider can see every website you've ever vi...
Null Byte's Hacker Guide to Buying an ESP32 Camera Module That's Right for Your Project
24/05/2021 17:51
An ESP32-based microcontroller with a camera is an amazing platform for video, but not all modules are created equal. We'll go over the pros and cons of some of the popular low-cost camera modules you can use with ESP32-based development boards, as well as what features they support. The ESP32-ba...
Hack Networks & Devices Right from Your Wrist with the Wi-Fi Deauther Watch
14/05/2021 22:53
The Deauther Watch by Travis Lin is the physical manifestation of the Wi-Fi Deauther project by Spacehuhn, and it's designed to let you operate the Deauther project right from your wrist without needing a computer. That's pretty cool if you want to do all the interesting things that the Wi-Fi Dea...
Fingerprint Web Apps & Servers for Better Recon & More Successful Hacks
07/05/2021 22:14
Web applications are ubiquitous in the modern online world, and knowing how to attack them is an increasingly valuable skill. But the key to a successful attack is good recon since it's easier to be focused and efficient with the more information you have. There are many fingerprinting tools avai...
How to Write Your Own Subdomain Enumeration Script for Better Recon
29/04/2021 21:00
There are tons of tools out there that do all kinds of recon, but it can be hard to narrow down what to use. A great way to be more efficient is by taking advantage of scripting. This doesn't have to mean writing everything from scratch — it can simply mean integrating existing tools into a singl...
How to Get Started with Kali Linux in 2020
23/04/2021 23:35
Kali Linux has come a long way since its BackTrack days, and it's still widely considered the ultimate Linux distribution for penetration testing. The system has undergone quite the transformation since its old days and includes an updated look, improved performance, and some significant changes ...
How to Install Kali Linux as a Portable Live USB for Pen-Testing & Hacking on Any Computer
23/04/2021 23:31
Kali Linux is the go-to Linux distribution for penetration testing and ethical hacking. Still, it's not recommended for day-to-day use, such as responding to emails, playing games, or checking Facebook. That's why it's better to run your Kali Linux system from a bootable USB drive. The hacker-fri...
Clear the Logs & Bash History on Hacked Linux Systems to Cover Your Tracks & Remain Undetected
16/04/2021 20:45
As a hacker, the final stage of exploitation is covering their tracks, which involves wiping all activity and logs so that they can avoid being detected. It's especially crucial for persistence if the target will be accessed again in the future by the attacker. To show you the basics of covering ...
Play Wi-Fi Hacking Games Using Microcontrollers to Practice Wi-Fi Attacks Legally
27/03/2021 01:17
ESP8266-based microcontrollers can be used to create exciting and legal Wi-Fi hacking games to test your or your friends' Wi-Fi hacking skills. When you first start learning how to hack Wi-Fi, it can be tempting to use your powers on Wi-Fi networks you don't have permission to use. Needless to sa...
How to Use a Raspberry Pi as a Dead Drop for Anonymous Offline Communication
18/03/2021 16:53
A PirateBox creates a network that allows users to communicate wirelessly, connecting smartphones and laptops even when surrounding infrastructure has been disabled on purpose or destroyed in a disaster. Using a Raspberry Pi, we will make a wireless offline server that hosts files and a chat room...
This Python Bundle Can Teach You Everything You Need to Know
13/03/2021 02:23
Python is one of the most commonly used programming languages in the world. From data science to game design, Python appears in almost every industry that requires coding of some kind. If you're looking to get into or get promoted to a higher level in one of those industries, then your next step ...

OffSec Blog (16 articles)

Shadow AI: How Unsanctioned Tools Create Invisible Risk
01/04/2026 13:17
Over 80% of workers use unapproved AI tools. Learn how shadow AI creates hidden attack surface and what security teams can do to detect and address it. The post Shadow AI: How Unsanctioned Tools Create Invisible Risk appeared first on OffSec.
OffSec and Deloitte Portugal Announces Strategic Partnership
30/03/2026 11:27
Announcing a strategic partnership with Deloitte Portugal to help organizations strengthen the technical capabilities of their security teams. The post OffSec and Deloitte Portugal Announces Strategic Partnership appeared first on OffSec.
8 Ways to Stay Motivated During Exam Prep
16/03/2026 17:14
Preparing for an OffSec certification exam is a technical and psychological journey. Here are some expert strategies to help during your OffSec exam prep! The post 8 Ways to Stay Motivated During Exam Prep appeared first on OffSec.
OSCP to OSAI: How Offensive Security Practitioners Can Pivot Into AI Security
13/03/2026 18:16
OSCP holders already have the adversarial mindset AI red teaming demands. Learn what transfers, what's new, and how to close the gap from OSCP to OSAI efficiently. The post OSCP to OSAI: How Offensive Security Practitioners Can Pivot Into AI Security appeared first on OffSec.
The AI Security Skills Gap: What It Is, Where It Exists, and How to Close It
10/03/2026 21:31
The AI security skills gap threatens enterprise AI investments. Learn where skills gaps exist across security teams and how hands-on training closes them. The post The AI Security Skills Gap: What It Is, Where It Exists, and How to Close It appeared first on OffSec.
Careers in Offensive AI Security: Roles, Skills, and Pathways
27/02/2026 13:52
At OffSec, we are building OSAI, our offensive AI security certification, to help practitioners extend adversary-driven methodology into AI-enabled environments already entering production. That initiative reflects a broader shift happening across the industry. As AI-enabled features move into pr...
Building an AI-Ready Cybersecurity Team
17/02/2026 18:14
A practical framework for security leaders to build AI-ready teams. Learn to assess capabilities, prioritize training, and balance AI with foundational skills. The post Building an AI-Ready Cybersecurity Team appeared first on OffSec.
The Skills That Will Matter for Offensive AI Security in 2026
13/02/2026 13:00
Before tools, before frameworks, before hype, offensive security has always been about one thing: Thinking like an attacker. That foundation now defines the offensive AI security skills practitioners will need as AI reshapes the attack surface. AI systems introduce new behaviors and new failure m...
Defending Against AI-Powered Cyber Attacks: Why Your Blue Team Needs New Skills
04/02/2026 16:00
AI-powered cyber attacks are outpacing traditional defenses. Learn the four key threat categories and the new skills blue teams need to defend against them. The post Defending Against AI-Powered Cyber Attacks: Why Your Blue Team Needs New Skills appeared first on OffSec.
CVE-2026-24061 – GNU InetUtils telnetd Authentication Bypass Vulnerability
30/01/2026 16:15
CVE-2026-24061 enables unauthenticated attackers to exploit GNU telnetd and gain immediate root shells over the network. The post CVE-2026-24061 – GNU InetUtils telnetd Authentication Bypass Vulnerability appeared first on OffSec.
Thinking Like an Attacker: How Attackers Target AI Systems
14/01/2026 14:04
In September 2025, security researchers at Anthropic uncovered something unprecedented: an AI-orchestrated espionage campaign where attackers used Claude to perform 80–90% of a sophisticated hacking operation. The AI handled everything from reconnaissance to payload development, demonstrating tha...
Offensive Security in the Age of AI: Red Teaming LLM
09/01/2026 17:09
LLMs change how red teams test applications. Explore OffSec’s LLM Red Teaming Learning Path and build practical AI testing skills. The post Offensive Security in the Age of AI: Red Teaming LLM appeared first on OffSec.
How OffSec Maps Cybersecurity Training to Industry Frameworks
09/01/2026 16:46
How MITRE ATT&CK, D3FEND, and NICE/NIST frameworks help connect hands-on cybersecurity training to real-world work. The post How OffSec Maps Cybersecurity Training to Industry Frameworks appeared first on OffSec.
Closing Out 2025 with Gratitude (and Momentum)
19/12/2025 11:21
To the OffSec community, As 2025 comes to a close, we want to pause and say thank you. Whether you trained with us, earned a certification, hired through our platform, or cheered others on from the sidelines, you helped make this year one of our most meaningful yet. This year, we focused on one g...
6 Benefits of a Fully Certified Cybersecurity Team
16/12/2025 15:40
Discover 6 key benefits of a fully certified cybersecurity team, from faster onboarding to confident hiring. Learn how unified training drives performance. The post 6 Benefits of a Fully Certified Cybersecurity Team appeared first on OffSec.
Blue Team vs Red Team: Should Defenders Learn Offensive Skills?
16/12/2025 15:34
Discover why blue team defenders benefit from red team skills. Learn how offensive knowledge improves detection, incident response, and career growth. The post Blue Team vs Red Team: Should Defenders Learn Offensive Skills? appeared first on OffSec.

💣 Exploits

Exploit-DB (20 articles)

[webapps] WordPress Backup Migration 1.3.7 - Remote Command Execution
03/03/2026 00:00
WordPress Backup Migration 1.3.7 - Remote Command Execution
[webapps] mailcow 2025-01a - Host Header Password Reset Poisoning
03/03/2026 00:00
mailcow 2025-01a - Host Header Password Reset Poisoning
[webapps] Easy File Sharing Web Server v7.2 - Buffer Overflow
03/03/2026 00:00
Easy File Sharing Web Server v7.2 - Buffer Overflow
[webapps] WeGIA 3.5.0 - SQL Injection
03/03/2026 00:00
WeGIA 3.5.0 - SQL Injection
[webapps] Boss Mini v1.4.0 - Local File Inclusion (LFI)
03/03/2026 00:00
Boss Mini v1.4.0 - Local File Inclusion (LFI)
[webapps] motionEye 0.43.1b4 - RCE
11/02/2026 00:00
motionEye 0.43.1b4 - RCE
[remote] Windows 10.0.17763.7009 - spoofing vulnerability
11/02/2026 00:00
Windows 10.0.17763.7009 - spoofing vulnerability
[local] glibc 2.38 - Buffer Overflow
11/02/2026 00:00
glibc 2.38 - Buffer Overflow
[remote] windows 10/11 - NTLM Hash Disclosure Spoofing
04/02/2026 00:00
windows 10/11 - NTLM Hash Disclosure Spoofing
[remote] Redis 8.0.2 - RCE
04/02/2026 00:00
Redis 8.0.2 - RCE
[webapps] OctoPrint 1.11.2 - File Upload
04/02/2026 00:00
OctoPrint 1.11.2 - File Upload
[remote] Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
04/02/2026 00:00
Ingress-NGINX Admission Controller v1.11.1 - FD Injection to RCE
[webapps] aiohttp 3.9.1 - directory traversal PoC
04/02/2026 00:00
aiohttp 3.9.1 - directory traversal PoC
[webapps] FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
04/02/2026 00:00
FortiWeb Fabric Connector 7.6.x - SQL Injection to Remote Code Execution
[local] Docker Desktop 4.44.3 - Unauthenticated API Exposure
04/02/2026 00:00
Docker Desktop 4.44.3 - Unauthenticated API Exposure
[webapps] Piranha CMS 12.0 - Stored XSS in Text Block
02/02/2026 00:00
Piranha CMS 12.0 - Stored XSS in Text Block
[webapps] RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)
02/02/2026 00:00
RPi-Jukebox-RFID 2.8.0 - Stored Cross-Site Scripting (XSS)
[hardware] D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)
02/02/2026 00:00
D-Link DIR-825 Rev.B 2.10 - Stack Buffer Overflow (DoS)
[webapps] RPi-Jukebox-RFID 2.8.0 - Remote Command Execution
17/01/2026 00:00
RPi-Jukebox-RFID 2.8.0 - Remote Command Execution
[webapps] Siklu EtherHaul Series EH-8010 - Arbitrary File Upload
17/01/2026 00:00
Siklu EtherHaul Series EH-8010 - Arbitrary File Upload

Full Disclosure (15 articles)

SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI
03/04/2026 03:55
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02SEC Consult Vulnerability Lab Security Advisory < 20260401-0 > ======================================================================= title: Broken Access Control             product: Open WebUI  vulnerabl...
SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library
03/04/2026 03:55
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02SEC Consult Vulnerability Lab Security Advisory < 20260326-0 > ======================================================================= title: Local Privilege Escalation product: Vienna Assistant ...
Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility
03/04/2026 03:54
Posted by Joseph Goydish II via Fulldisclosure on Apr 02SUMMARY Apple's Oblivious HTTP relay for Live Caller ID Lookup (iOS 18+) routes traffic through 14 third-party endpoints across six countries. These include an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint (Yandex...
[KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability
03/04/2026 03:53
Posted by Egidio Romano on Apr 02--------------------------------------------------------------------------- MetInfo CMS &lt;= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability --------------------------------------------------------------------------- [-] Software Link: https://www....
[CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability
03/04/2026 03:52
Posted by cyber security on Apr 02A vulnerability was identified in OWASP CRS where whitespace padding in filenames can bypass file upload extension checks, allowing uploads of dangerous files such as .php, .phar, .jsp, and .jspx. This issue has been assigned CVE‑2026‑33691. Impact: Attackers ma...
APPLE-SA-03-24-2026-10 Xcode 26.4
29/03/2026 03:11
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-10 Xcode 26.4 Xcode 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126801. Apple maintains a Security Releases page at https://support.app...
APPLE-SA-03-24-2026-9 Safari 26.4
29/03/2026 03:11
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-9 Safari 26.4 Safari 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126800. Apple maintains a Security Releases page at https://support.ap...
APPLE-SA-03-24-2026-8 visionOS 26.4
29/03/2026 03:11
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-8 visionOS 26.4 visionOS 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126799. Apple maintains a Security Releases page at https://suppor...
APPLE-SA-03-24-2026-7 watchOS 26.4
29/03/2026 03:11
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-7 watchOS 26.4 watchOS 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126798. Apple maintains a Security Releases page at https://support....
APPLE-SA-03-24-2026-6 tvOS 26.4
29/03/2026 03:11
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-6 tvOS 26.4 tvOS 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126797. Apple maintains a Security Releases page at https://support.apple....
APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5
29/03/2026 03:11
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-5 macOS Sonoma 14.8.5 macOS Sonoma 14.8.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/126796. Apple maintains a Security Releases page at ht...
APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5
29/03/2026 03:10
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-4 macOS Sequoia 15.7.5 macOS Sequoia 15.7.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/126795. Apple maintains a Security Releases page at ...
APPLE-SA-03-24-2026-3 macOS Tahoe 26.4
29/03/2026 03:10
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-3 macOS Tahoe 26.4 macOS Tahoe 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126794. Apple maintains a Security Releases page at https://...
APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7
29/03/2026 03:10
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-2 iOS 18.7.7 and iPadOS 18.7.7 iOS 18.7.7 and iPadOS 18.7.7 addresses the following issues. Information about the security content is also available at https://support.apple.com/126793. Apple maintains a Security R...
APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4
29/03/2026 03:10
Posted by Apple Product Security via Fulldisclosure on Mar 28APPLE-SA-03-24-2026-1 iOS 26.4 and iPadOS 26.4 iOS 26.4 and iPadOS 26.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/126792. Apple maintains a Security Releases ...

SANS ISC (10 articles)

TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000&#x2b; SaaS Environments, (Fri, Apr 3rd)
03/04/2026 13:18
This is the sixth update to the TeamPCP supply chain campaign threat intelligence report,&&#x23&#x3b;x26&#x3b;&#x23&#x3b;xc2&#x3b;&&#x23&#x3b;x26&#x3b;&#x23&#x3b;xa0&#x3b;"When the Security Scanner Became the Weapon"&&#x23&#x3b;x26&#x3b;&#x23&#x3b;xc2&#x3b;&&#x23&#x3b;x26&#x3b;&#x23&#x3b;xa0&#x3b...
Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208), (Thu, Apr 2nd)
02/04/2026 14:49
From its GitHub repo: "Vite (French word for "quick", pronounced /vi&#x3f;t/, like "veet") is a new breed of frontend build tooling that significantly improves the frontend development experience" &#x5b;https://github.com/vitejs/vite&#x5d;.&#xd;
Malicious Script That Gets Rid of ADS, (Wed, Apr 1st)
01/04/2026 20:09
Today, most malware are called &#xe2;&#x20ac;&#x153;fileless&#xe2;&#x20ac;&#x9d; because they try to reduce their footprint on the infected computer filesystem to the bare minimum. But they need to write something&#xe2;&#x20ac;&#xa6; think about persistence. They can use the registry as an altern...
TeamPCP Supply Chain Campaign: Update 005 - First Confirmed Victim Disclosure, Post-Compromise Cloud Enumeration Documented, and Axios Attribution Narrows, (Wed, Apr 1st)
01/04/2026 13:08
This is the fifth update to the TeamPCP supply chain campaign threat intelligence report, "When the Security Scanner Became the Weapon" (v3.0, March 25, 2026). Update 004 covered developments through March 30, including the Databricks investigation, dual ransomware operations, and AstraZeneca dat...
Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)
31/03/2026 07:31
In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy in place. If exfiltration happened, it means a total loss of control of the stolen data with all the consequences (PII, CC numbers, &#xe2;&...

🇫🇷 FR

ZATAZ (10 articles)

Cyber actualités ZATAZ de la semaine du 30 mars au 4 avril 2026
04/04/2026 12:55
Cette semaine, la pression s’est accentuée sur les écosystèmes criminels, les plateformes et les États.
L’identité est le nouveau périmètre : surmonter les points faibles d’Active Directory
04/04/2026 12:29
Un quart de siècle après son apparition, Windows Active Directory (AD) définit toujours les réseaux sur site. Mais il faut l&#8217;admettre : AD est un système d&#8217;identité vieillissant. Il a été conçu pour une époque plus simple, où la sécurité ne signifiait qu&#8217;une chose : un réseau in...
Un pirate menace une femme enceinte par téléphone : certains pirates français sont-ils devenus des enfoirés ?
04/04/2026 11:38
Valentine, future maman, menacée par des escrocs, révèle comment les données volées servent à terroriser et extorquer.
VoIP : des avantages très concrets pour les PME et les ETI
03/04/2026 11:50
Longtemps réservée aux grandes organisations ou perçue comme un simple sujet technique, la VoIP s’est imposée comme un outil de communication central pour les entreprises. Plus souple, plus simple à piloter et souvent mieux adaptée aux usages modernes, elle répond aux besoins très concrets des PM...
Opération Alice, le dark web sous pression
31/03/2026 16:59
Opération Alice : 373 000 sites onion fermés, 440 clients identifiés et un vaste réseau cybercriminel exposé.
Le faux live GTA qui a mené à la prison à vie !
31/03/2026 16:28
Faux live GTA, vidéosurveillance, effacement des traces : comment un alibi numérique a conduit un youtubeur à la perpétuité.
Le pirate était une influenceuse
31/03/2026 16:14
Adva Lavie, alias Mia Ventura, accusée d’avoir utilisé la confiance en ligne pour voler des victimes.
Application Maison Blanche, les risques concrets
31/03/2026 15:57
Application Maison Blanche : GPS, profilage, scripts tiers, les risques concrets pour vos données et votre vie privée.
Kali Linux 2026.1 muscle l’arsenal offensif
31/03/2026 15:48
Kali Linux 2026.1 modernise le pentest avec nouveaux outils, refonte visuelle et avancées NetHunter.
HackerOne touché par la fuite chez Navia
31/03/2026 15:16
Fuite chez Navia : 287 salariés de HackerOne exposés, avec un risque élevé de phishing ciblé et d’ingénierie sociale.

UnderNews (20 articles)

Une faille de sécurité sur iPhone pourrait transformer votre appareil en outil d’espionnage
03/04/2026 13:13
Un outil de piratage dangereux pour iPhone, connu sous le nom de DarkSword , a fuité sur GitHub, ce qui engendre de nouveaux risques pour les utilisateurs d&#8217;anciens appareils Apple. Tribune &#8211; Un puissant outil de piratage pour iPhone, lié à des campagnes de logiciels espions actives, ...
Kaspersky et AFRIPOL organisent une formation conjointe en cybersécurité à destination des forces de l’ordre africaines
03/04/2026 13:10
Dans le cadre d’une initiative conjointe avec AFRIPOL, Kaspersky a dispensé des formations en cybersécurité à des représentants des forces de l’ordre issus de 23 pays africains, portant sur les fondamentaux des activités des centres d’opérations de sécurité (SOC) ainsi que sur les techniques avan...
Fuite de code chez Claude Code : les commentaires de Melissa Bischoping de Tanium
03/04/2026 12:28
Suite à la fuite du code de Claude Code d’Anthropic, voici les commentaires et l’analyse de Melissa Bischoping, Senior Director, Security and Product Design Research chez Tanium, en matière de cybersécurité. « Les fuites de code source suscitent souvent la crainte de voir des informations proprié...
Forum INCYBER 2026 : Le réseau des Campus Cyber dévoile sa feuille de route stratégique commune
02/04/2026 07:43
Pour la première fois depuis leur création, les Campus Cyber1  se dotent d’une feuille de route stratégique commune. Par-delà les spécificités régionales, les Campus décident de miser sur le collectif et sur la force du réseau. Tribune &#8211; Ils entendent répondre à une attente forte de la part...
Kaspersky découvre CrystalX RAT, un cheval de Troie qui dérobe les données et nargue ses victimes !
01/04/2026 14:10
Ce nouveau cheval de Troie d&#8217;accès à distance (remote access trojan ou RAT) ne se contente pas d’espionner ses victimes et de voler leurs informations, il va jusqu’à se moquer d&#8217;elles ! Et ce n&#8217;est pas un poisson d&#8217;avril&#8230; Tribune &#8211; Le Global Research and Analys...
Le GTIG attribue la compromission de la chaîne d’approvisionnement d’Axios à un acteur nord-coréen (UNC1069)
01/04/2026 14:08
Pour vous tenir informé des derniers développements concernant la récente compromission de la chaîne d’approvisionnement de la bibliothèque axios distribuée via NPM, le Google Threat Intelligence Group (GTIG) indique avoir attribué l’incident à un acteur malveillant soupçonné d’être lié à la Coré...
Extensions IA : le cheval de Troie dans votre navigateur
01/04/2026 14:06
Le navigateur web est devenu l’interface centrale du travail numérique. Messagerie, collaboration, applications SaaS : une grande partie de l’activité professionnelle passe désormais par cet environnement. L’intelligence artificielle y fait aujourd’hui une entrée rapide, notamment sous la forme d...
89 % des dirigeants informatiques ont peur de perdre leurs données à la suite d’une cyberattaque alimentée par l’IA
01/04/2026 14:04
Les dispositifs de défense évoluent peu, sachant que seules 58 % des entreprises protègent leurs données à l’aide d’une solution de stockage immuable. Tribune &#8211; Object First, éditeur de solution de stockage sur site invulnérable aux ransomwares, publie les conclusions d’une nouvelle enquête...
Attaque supply chain ciblant Axios – Analyse JFrog
01/04/2026 14:01
L’équipe de recherche en sécurité de JFrog a analysé une attaque sophistiquée de la chaîne d’approvisionnement visant les utilisateurs de la bibliothèque Axios. Largement adoptée, cette bibliothèque cliente HTTP compte près de 300 millions de téléchargements hebdomadaires, ce qui confère à cette ...
Kaspersky identifie le kit d’exploitation Coruna comme une évolution majeure d’Opération Triangulation
31/03/2026 08:56
L&#8217;équipe du GReAT (Global Research and Analysis Team) de Kaspersky a mené une analyse approfondie du code source des exploits Coruna et a déterminé avec certitude que ce kit constitue une itération directe et actualisée du framework utilisé, du moins en partie, lors de la campagne de cybere...
Cybersécurité : arrêtons de nous raconter des histoires
31/03/2026 08:52
Il y a quelque chose d&#8217;étrange dans notre secteur : plus on investit, plus on se fait attaquer !  On le sait, on en parle, et on continue à peu près comme avant. Ce n&#8217;est pas un manque de budget. Ce n&#8217;est pas un manque d&#8217;outils. C&#8217;est un problème de lucidité. Tribune...
Cybermenace : plus de 100 campagnes d’arnaques fiscales détectées depuis janvier 2026
30/03/2026 13:36
La période fiscale est devenue un terrain de jeu privilégié pour les cybercriminels. Les chercheurs de Proofpoint viennent de publier une analyse qui révèle l&#8217;ampleur et la sophistication croissante des attaques exploitant le thème fiscal.   Tribune &#8211; Les chiffres parlent d&#8217;eux-...
Le SDK de voix IA « Telnyx » a été compromis dans le cadre de la campagne TeamPCP
27/03/2026 14:32
JFrog Security Research vient de mettre au jour une faille majeure affectant la bibliothèque PyPI de telnyx, un SDK essentiel utilisé par les développeurs pour intégrer des agents vocaux IA et des services de messagerie dans leurs applications. Tribune &#8211; Avec plus de 3,8 millions de télécha...
Une étude met en lumière les fuites de données qui ont fait le plus de dégâts en 2025
27/03/2026 13:41
En 2025, des milliers de fuites et de violations de données ont été recensées, mais quelques incidents très médiatisés ont été à l’origine d’une majorité des préjudices. Le gestionnaire de mots de passe NordPass, en collaboration avec la plateforme de surveillance du dark web NordStellar, a ident...
Zimperium publie de nouveaux indicateurs de compromission liés au malware bancaire Android TaxiSpy
26/03/2026 10:41
De nouvelles recherches menées par l’équipe zLabs détaillent les menaces associées à TaxiSpy et permettent aux équipes de sécurité de détecter et neutraliser les campagnes de malware bancaire Android. Tribune &#8211; zLabs, la division de recherche de Zimperium, leader mondial de la sécurité mobi...
Vos outils de sécurité sont-ils devenus vos pires ennemis ?
26/03/2026 10:23
Et si l&#8217;outil que vous utilisez pour protéger votre code était précisément celui qui ouvrait la porte aux pirates ? Une attaque d&#8217;une efficacité redoutable a récemment frappé Trivy, un scanner de vulnérabilités utilisé par des milliers de développeurs. En corrompant cet « outil de con...
Les téléchargements de VPN diminuent dans le monde en 2025 mais leur adoption globale se poursuit
26/03/2026 10:20
Les téléchargements de VPN dans le monde ont atteint un pic en 2022 et ne s&#8217;en sont pas remis, mais leur adoption est en hausse dans certaines régions d&#8217;Europe et du Golfe. Le nombre de téléchargements de VPN dans le monde a culminé à 487 millions en 2022, avant de chuter progressivem...
Les incidents critiques en net recul au fil des ans selon les experts Kaspersky
25/03/2026 15:14
D&#8217;après le rapport « Anatomy of a Cyber World: Global Report » (Anatomie d’un cybermonde) de Kaspersky Security Services, le pourcentage d’incidents critiques a fortement reculé ces dernières années. Alors que l&#8217;année 2021 a enregistré la proportion la plus élevée avec 14,3 %, l’année...
Cybersécurité et chaîne d’approvisionnement : un impératif stratégique de confiance
24/03/2026 09:22
Dans son article « Zero Trust dans l’industrie : un impératif, pas une option », Ramses Gallego, Chief Technologist, Cybersecurity, DXC Technology revient sur la notion du Zero Trust et ce que la méthode apporte au secteur industriel. Avec ses milliers de systèmes interconnectés, le secteur indus...
Cybersécurité et bonne gestion des données : une composante clé d’une transformation digitale réussie
24/03/2026 09:19
Dans un environnement numérique en constante évolution, les cybermenaces et incidents IT exigent une double approche : renforcer la sécurité de vos systèmes tout en garantissant leur résilience. Sécuriser ses données, anticiper les attaques et assurer une reprise rapide en cas d’incident sont des...

IT-Connect (15 articles)

De l’idée à l’application sans coder avec l’IA de Replit !
03/04/2026 11:00
Replit est une plateforme basée sur l'IA qui vous permet de transformer une simple idée en application web ou mobile. Je vous présente 5 projets que j'ai créés. Le post De l’idée à l’application sans coder avec l’IA de Replit ! a été publié sur IT-Connect.
Windows 11 va indiquer si vos certificats Secure Boot sont à jour !
03/04/2026 09:20
L'application Sécurité Windows va évoluer pour vous indiquer précisément où en est votre machine dans la mise à jour des certificats du Secure Boot. Le post Windows 11 va indiquer si vos certificats Secure Boot sont à jour ! a été publié sur IT-Connect.
External MFA dans Microsoft Entra ID est disponible : ce qu’il faut savoir !
03/04/2026 07:10
Le 24 mars 2026, Microsoft a annoncé la disponibilité de la fonctionnalité MFA externe dans Entra ID. Qu'est-ce que ça change ? Voici l'essentiel à savoir. Le post External MFA dans Microsoft Entra ID est disponible : ce qu’il faut savoir ! a été publié sur IT-Connect.
Microsoft Teams : le blocage des bots IA en réunion arrive
03/04/2026 06:59
Microsoft s'apprête à ajouter une nouvelle fonctionnalité de sécurité à Teams permettant de mieux identifier et de bloquer les bots tiers non autorisés. Le post Microsoft Teams : le blocage des bots IA en réunion arrive a été publié sur IT-Connect.
Google AI Pro : le stockage passe de 2 To à 5 To pour le même prix
03/04/2026 04:40
Vous avez un abonnement Google AI Pro ? J'ai une bonne nouvelle pour vous : le stockage inclus dans votre abonnement passe de 2 To à 5 To. Le post Google AI Pro : le stockage passe de 2 To à 5 To pour le même prix a été publié sur IT-Connect.
Avec Ubuntu 26.04, la configuration minimale pour la RAM évolue !
02/04/2026 16:26
La nouvelle version d'Ubuntu, à savoir 26.04 LTS, est accompagnée par un changement au niveau de la configuration minimale : 6 Go au lieu de 4 Go. Le post Avec Ubuntu 26.04, la configuration minimale pour la RAM évolue ! a été publié sur IT-Connect.
Souveraineté : Euro-Office accusé de violer la licence d’ONLYOFFICE
02/04/2026 07:15
Nextcloud et Proton s'allient pour lancer Euro-Office afin de construire une alternative à Microsoft 365. Mais ce fork d'ONLYOFFICE risque déjà le procès. Le post Souveraineté : Euro-Office accusé de violer la licence d’ONLYOFFICE a été publié sur IT-Connect.
KB5086672 : une nouvelle mise à jour hors bande pour Windows 11
02/04/2026 04:59
La mise à jour optionnelle de fin mars 2026 est foireuse, alors Microsoft a publié une nouvelle mise à jour en urgence pour rectifier le tir : KB5086672. Le post KB5086672 : une nouvelle mise à jour hors bande pour Windows 11 a été publié sur IT-Connect.
Google corrige en urgence la 4ème faille zero-day de Chrome en 2026
02/04/2026 04:32
Une mise à jour Google Chrome corrige une faille de sécurité zero-day exploitée dans des attaques : CVE-2026-5281. La 4ème de ce type depuis début 2026. Le post Google corrige en urgence la 4ème faille zero-day de Chrome en 2026 a été publié sur IT-Connect.
Zabbix : le guide complet pour bien débuter sa supervision (Linux & Windows)
01/04/2026 13:15
Découvrez notre guide complet pour bien débuter avec Zabbix. Tutoriel étape par étape : installation sur Linux et supervision de vos hôtes Windows et Linux. Le post Zabbix : le guide complet pour bien débuter sa supervision (Linux & Windows) a été publié sur IT-Connect.
Active Directory : les dangers avec les mots de passe compromis
01/04/2026 08:00
La réutilisation des mots de passe représente une menace sérieuse pour les environnements Active Directory : découvrez pourquoi et comment s'en protéger. Le post Active Directory : les dangers avec les mots de passe compromis a été publié sur IT-Connect.
Anthropic : le code source de l’outil Claude Code fuite sur le Web !
01/04/2026 07:59
Anthropic a accidentellement publié le code source de son célèbre outil Claude Code sur la plateforme NPM. Une boulette importante qui secoue le monde de l'IA. Le post Anthropic : le code source de l’outil Claude Code fuite sur le Web ! a été publié sur IT-Connect.
L’IA Claude a identifié une faille RCE importante dans Vim (et Emacs)
01/04/2026 07:58
En analysant le code source de Vim, l'IA Claude est parvenue à identifier une faille : CVE-2026-34714. Dans la foulée, une faille dans Emacs a été identifiée. Le post L’IA Claude a identifié une faille RCE importante dans Vim (et Emacs) a été publié sur IT-Connect.
Proton Meet : la nouvelle alternative à Microsoft Teams et Google Meet
31/03/2026 14:56
Proton a officialisé le lancement de Proton Meet, sa solution de visioconférence, et de nouvelles offres complètes baptisées Proton Workspace. Le post Proton Meet : la nouvelle alternative à Microsoft Teams et Google Meet a été publié sur IT-Connect.
CVE-2026-21643 – Cette faille critique dans FortiClient EMS est exploitée !
31/03/2026 14:31
D'après Defused, les cybercriminels exploitent activement une faille de sécurité critique située dans la solution FortiClient EMS de Fortinet : CVE-2026-21643. Le post CVE-2026-21643 – Cette faille critique dans FortiClient EMS est exploitée ! a été publié sur IT-Connect.

🔬 Recherche

Google Project Zero (10 articles)

On the Effectiveness of Mutational Grammar Fuzzing
05/03/2026 08:00
Mutational grammar fuzzing is a fuzzing technique in which the fuzzer uses a predefined grammar that describes the structure of the samples. When a sample gets mutated, the mutations happen in such a way that any resulting samples still adhere to the grammar rules, thus the structure of the sampl...
A Deep Dive into the GetProcessHandleFromHwnd API
26/02/2026 08:00
In my previous blog post I mentioned the GetProcessHandleFromHwnd API. This was an API I didn’t know existed until I found a publicly disclosed UAC bypass using the Quick Assist UI Access application. This API looked interesting so I thought I should take a closer look. I typically start by readi...
Bypassing Administrator Protection by Abusing UI Access
12/02/2026 08:00
In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didn’t exist. I described one of the ways I was able to bypass the feature before it was released. In total I found 9 bypasses during my research that...
Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529
30/01/2026 08:00
In the first part of this series, I detailed my journey into macOS security research, which led to the discovery of a type confusion vulnerability (CVE-2024-54529) and a double-free vulnerability (CVE-2025-31235) in the coreaudiod system daemon through a process I call knowledge-driven fuzzing. W...
Bypassing Windows Administrator Protection
26/01/2026 08:00
A headline feature introduced in the latest release of Windows 11, 25H2 is Administrator Protection. The goal of this feature is to replace User Account Control (UAC) with a more robust and importantly, securable system to allow a local user to access administrator privileges only when necessary....
A 0-click exploit chain for the Pixel 9 Part 3: Where do we go from here?
14/01/2026 18:01
While our previous two blog posts provided technical recommendations for increasing the effort required by attackers to develop 0-click exploit chains, our experience finding, reporting and exploiting these vulnerabilities highlighted some broader issues in the Android ecosystem. This post descri...
A 0-click exploit chain for the Pixel 9 Part 2: Cracking the Sandbox with a Big Wave
14/01/2026 18:00
With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland context, the mediacodec context. As per the AOSP documentation, the mediacodec SELinux context is intended to be a constrain...
A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby
14/01/2026 17:59
Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. One effect of this change is increased 0-click attack surface, as efficient analysis often requires message media to be decoded before the message...
Welcome to the new Project Zero Blog
16/12/2025 10:00
While on Project Zero, we aim for our research to be leading-edge, our blog design was … not so much. We welcome readers to our shiny new blog! For the occasion, we asked members of Project Zero to dust off old blog posts that never quite saw the light of day. And while we wish we could say the t...
Thinking Outside The Box [dusted off draft from 2017]
16/12/2025 09:00
Preface Hello from the future! This is a blogpost I originally drafted in early 2017. I wrote what I intended to be the first half of this post (about escaping from the VM to the VirtualBox host userspace process with CVE-2017-3558), but I never got around to writing the second half (going from t...

Trail of Bits (20 articles)

Simplifying MBA obfuscation with CoBRA
03/04/2026 11:00
Mixed Boolean-Arithmetic (MBA) obfuscation disguises simple operations like x + y behind tangles of arithmetic and bitwise operators. Malware authors and software protectors rely on it because no standard simplification technique covers both domains simultaneously; algebraic simplifiers don’t und...
Mutation testing for the agentic era
01/04/2026 11:00
Code coverage is one of the most dangerous quality metrics in software testing. Many developers fail to realize that code coverage lies by omission: it measures execution, not verification. Test suites with high coverage can obfuscate the fact that critical functionality is untested as software d...
How we made Trail of Bits AI-native (so far)
31/03/2026 11:00
This post is adapted from a talk I gave at [un]prompted, the AI security practitioner conference. Thanks to Gadi Evron for inviting me to speak. You can watch the recorded presentation below or download the slides. Most companies hand out ChatGPT licenses and wait for the productivity numbers to ...
Try our new dimensional analysis Claude plugin
25/03/2026 11:00
We’re releasing a new Claude plugin for developing and auditing code that implements dimensional analysis, a technique we explored in our most recent blog post. Most LLM-based security skills ask the model to find bugs. Our new dimensional-analysis plugin for Claude Code takes a different approac...
Spotting issues in DeFi with dimensional analysis
24/03/2026 11:00
Using dimensional analysis, you can categorically rule out a whole category of logic and arithmetic bugs that plague DeFi formulas. No code changes required, just better reasoning! One of the first lessons in physics is learning to think in terms of dimensions. Physicists can often spot a flawed ...
Six mistakes in ERC-4337 smart accounts
11/03/2026 11:00
Account abstraction transforms fixed “private key can do anything” models into programmable systems that enable batching, recovery and spending limits, and flexible gas payment. But that programmability introduces risks: a single bug can be as catastrophic as leaking a private key. After auditing...
mquire: Linux memory forensics without external dependencies
25/02/2026 12:00
If you’ve ever done Linux memory forensics, you know the frustration: without debug symbols that match the exact kernel version, you’re stuck. These symbols aren’t typically installed on production systems and must be sourced from external repositories, which quickly become outdated when systems ...
Using threat modeling and prompt injection to audit Comet
20/02/2026 16:00
Before launching their Comet browser, Perplexity hired us to test the security of their AI-powered browsing features. Using adversarial testing guided by our TRAIL threat model, we demonstrated how four prompt injection techniques could extract users&rsquo; private information from Gmail by explo...
Carelessness versus craftsmanship in cryptography
18/02/2026 12:00
Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of downstream projects. When we shared one of these bugs with an affected vendor, strongSwan, the maintainer ...
Celebrating our 2025 open-source contributions
30/01/2026 12:00
Last year, our engineers submitted over 375 pull requests that were merged into non–Trail of Bits repositories, touching more than 90 projects from cryptography libraries to the Rust compiler. This work reflects one of our driving values: &ldquo;share what others can use.&rdquo; The measure isn&r...
Building cryptographic agility into Sigstore
29/01/2026 12:00
Software signatures carry an invisible expiration date. The container image or firmware you sign today might be deployed for 20 years, but the cryptographic signature protecting it may become untrustworthy within 10 years. SHA-1 certificates become worthless, weak RSA keys are banned, and quantum...
Lack of isolation in agentic browsers resurfaces old vulnerabilities
13/01/2026 12:00
With browser-embedded AI agents, we&rsquo;re essentially starting the security journey over again. We exploited a lack of isolation mechanisms in multiple agentic browsers to perform attacks ranging from the dissemination of false information to cross-site data leaks. These attacks, which are fun...
Detect Go’s silent arithmetic bugs with go-panikint
31/12/2025 12:00
Go’s arithmetic operations on standard integer types are silent by default, meaning overflows “wrap around” without panicking. This behavior has hidden an entire class of security vulnerabilities from fuzzing campaigns. Today we’re changing that by releasing go-panikint, a modified Go compiler th...
Can chatbots craft correct code?
19/12/2025 12:00
I recently attended the AI Engineer Code Summit in New York, an invite-only gathering of AI leaders and engineers. One theme emerged repeatedly in conversations with attendees building with AI: the belief that we’re approaching a future where developers will never need to look at code again. When...
Use GWP-ASan to detect exploits in production environments
16/12/2025 12:00
Memory safety bugs like use-after-free and buffer overflows remain among the most exploited vulnerability classes in production software. While AddressSanitizer (ASan) excels at catching these bugs during development, its performance overhead (2 to 4 times) and security concerns make it unsuitabl...
Catching malicious package releases using a transparency log
12/12/2025 12:00
We’re getting Sigstore’s rekor-monitor ready for production use, making it easier for developers to detect tampering and unauthorized uses of their identities in the Rekor transparency log. This work, funded by the OpenSSF, includes support for the new Rekor v2 log, certificate validation, and in...
Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis
11/12/2025 12:00
In 2023 GitHub introduced CodeQL multi-repository variant analysis (MRVA). This functionality lets you run queries across thousands of projects using pre-built databases and drastically reduces the time needed to find security bugs at scale. There’s just one problem: it’s largely built on VS Code...
Introducing constant-time support for LLVM to protect cryptographic code
02/12/2025 12:00
Trail of Bits has developed constant-time coding support for LLVM, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. These changes are being reviewed and will be added in an upcoming release, LLVM 2...
We found cryptography bugs in the elliptic library using Wycheproof
18/11/2025 12:00
Trail of Bits is publicly disclosing two vulnerabilities in elliptic, a widely used JavaScript library for elliptic curve cryptography that is downloaded over 10 million times weekly and is used by close to 3,000 projects. These vulnerabilities, caused by missing modular reductions and a missing ...
Level up your Solidity LLM tooling with Slither-MCP
15/11/2025 12:00
We’re releasing Slither-MCP, a new tool that augments LLMs with Slither’s unmatched static analysis engine. Slither-MCP benefits virtually every use case for LLMs by exposing Slither’s static analysis API via tools, allowing LLMs to find critical code faster, navigate codebases more efficiently, ...