Année : 2025

Vulnérabilité dans Microsoft Edge (14 avril 2025)

1 min read

• Actus

Vulnérabilité dans Microsoft Edge (14 avril 2025)

Une vulnérabilité a été découverte dans Microsoft Edge. Elle permet à un attaquant de provoquer une exécution...

Read More

Vulnérabilité dans Microsoft Visual Studio Code (14 avril 2025)

1 min read

• Actus

Vulnérabilité dans Microsoft Visual Studio Code (14 avril 2025)

Une vulnérabilité a été découverte dans Microsoft Visual Studio Code. Elle permet à un attaquant de provoquer...

Read More

Bulletin d’actualité CERTFR-2025-ACT-015 (14 avril 2025)

1 min read

• Actus

Bulletin d’actualité CERTFR-2025-ACT-015 (14 avril 2025)

Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs...

Read More

Microsoft Entra account lockouts caused by user token logging mishap

1 min read

• Actus

Microsoft Entra account lockouts caused by user token logging mishap

Microsoft confirms that the weekend Entra account lockouts were caused by the invalidation of short-lived user refresh tokens that...

Read More

State-sponsored hackers embrace ClickFix social engineering tactic

1 min read

• Actus

State-sponsored hackers embrace ClickFix social engineering tactic

ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple...

Read More

Phishers abuse Google OAuth to spoof Google in DKIM replay attack

1 min read

• Actus

Phishers abuse Google OAuth to spoof Google in DKIM replay attack

In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email...

Read More

WordPress ad-fraud plugins generated 1.4 billion ad requests per day

1 min read

• Actus

WordPress ad-fraud plugins generated 1.4 billion ad requests per day

A large-scale ad fraud operation called ‘Scallywag’ is monetizing pirating and URL shortening sites through specially crafted...

Read More

Widespread Microsoft Entra lockouts tied to new security feature rollout

1 min read

• Actus

Widespread Microsoft Entra lockouts tied to new security feature rollout

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of...

Read More

Critical Erlang/OTP SSH RCE bug now has public exploits, patch now

1 min read

• Actus

Critical Erlang/OTP SSH RCE bug now has public exploits, patch now

Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers...

Read More

New Android malware steals your credit cards for NFC relay attacks

1 min read

• Actus

New Android malware steals your credit cards for NFC relay attacks

A new malware-as-a-service (MaaS) platform named ‘SuperCard X’ has emerged, targeting Android devices via NFC relay attacks...

Read More