FACTUALRISK Cyber Intelligence
Mise à jour : 15 Jul 2026 · 00:03
← Accueil
🗞 Briefing
💥 Menaces
🛡 Vulnérabilités
📋 Conformité
📚 Guides
← Retour FactualRisk
Total incidents
40
Critique
7
Élevé
2
APT actifs
2
Domaine
Catégorie
Sévérité
Visible : 40
🟢 il y a 22h BleepingComputer
SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day attacks and urges…
🔗 CVEs liés : CVE-2026-15409 CVE-2026-15410
🟢 il y a 22h TheHackerNews
Microsoft shipped its largest Patch Tuesday on record today, and two of the fixes close holes that attackers are already exploiting. The release covers 622 of M…
🟢 il y a 22h BleepingComputer
The Spanish Police dismantled a cybercrime and money-laundering organization that made €140 million ($160 million) from investment fraud and business email comp…
🟢 il y a 22h KrebsOnSecurity
Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the numbe…
🟢 il y a 22h BleepingComputer
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to distribute infostealer malware. [..…
🟢 il y a 22h SecurityWeek
Two flaws in Active Directory and SharePoint Server have been exploited as zero-days, and a BitLocker bug was publicly disclosed. The post Microsoft Patches …
🟢 il y a 22h BleepingComputer
Microsoft has released the Windows 10 KB5099539 extended security update, which includes the July 2026 Patch Tuesday security updates for 570 vulnerabilities, a…
🟢 il y a 22h SecurityWeek
The D1R cybercrime group claimed to have stolen valuable data from Synopsys and Bosch, threatening to leak it unless a ransom is paid.  The post Synopsys Fin…
🟢 il y a 22h TheHackerNews
SAP has rolled out updates to address multiple vulnerabilities as part of its July 2026 security updates, including a critical flaw in SAP NetWeaver Application…
🔗 CVEs liés : CVE-2026-44747
🟢 il y a 22h BleepingComputer
Today is Microsoft's July 2026 Patch Tuesday, and with it comes security updates for a record-breaking 570 flaws, including two zero-day vulnerabilities exploit…
🟢 il y a 22h DarkReading
Automated Frequency Coordination systems by default trust client-side data, which could lead to location spoofing and other attacks that disrupt traffic.
🟢 il y a 22h BleepingComputer
Microsoft has released Windows 11 KB5101650 and KB5099414 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new …
🟢 il y a 22h RecordedFuture
The Russians face multiple charges for allegedly providing cybercriminals with infrastructure and tech support through the St. Petersburg-based business Media L…
🟢 il y a 22h SecurityWeek
The ColdFusion security defects could allow attackers to execute arbitrary code or elevate their privileges. The post Adobe Patches Critical ColdFusion Vulne…
🟢 il y a 22h TheHackerNews
Cybersecurity researchers have flagged a previously undocumented Rust-based remote access trojan (RAT) codenamed LabubaRAT that masquerades as NVIDIA software t…
🟢 il y a 22h BleepingComputer
Progress Software has confirmed that a high-severity zero-day vulnerability is behind the emergency shutdown of ShareFile Storage Zone Controllers last week and…
🟢 il y a 22h BleepingComputer
LastPass is warning users about an ongoing phishing campaign that is using fake security notices to direct them to fraudulent websites. [...]
🟢 il y a 22h RecordedFuture
The defendant's lawyer told Finnish media that he does not know where his client is but believes Kivimäki is outside Finland.
🟢 il y a 22h BleepingComputer
Many vulnerabilities cannot be safely validated with live exploits, either because no exploit exists or the affected systems are too critical to test. Picus exp…
🟢 il y a 22h SecurityWeek
The flaws can be exploited for authentication bypass, remote code execution, privilege escalation, and directory traversal. The post 7 Severe Vulnerabilities…
🟢 il y a 22h DarkReading
The attack vector is available for rent at scale, and evades AV and EDR, leaving YARA analysis as the best detection option.
🟢 il y a 22h TheHackerNews
Cybersecurity researchers have disclosed details of two access control-related flaws impacting the RabbitMQ message broker service that could allow attackers to…
🟢 il y a 22h SecurityWeek
A ClaudeBleed-linked vulnerability reportedly persists across eight patches, exposing potentially sensitive data to other extensions.  The post Unpatched Cla…
🟢 il y a 22h BleepingComputer
Two new phishing kits, Jalisco and OmegaLord, have been discovered in attacks targeting Microsoft 365 accounts, using techniques that defeat multi-factor authen…
🟢 il y a 22h TheHackerNews
Cybersecurity researchers have discovered 11 old, Microsoft-signed, Unified Extensible Firmware Interface (UEFI) applications that could be abused to bypass Sec…
🟢 il y a 22h RecordedFuture
Dutch intelligence officials report that at least one Russian agency is compromising internet-connected cameras across Europe to spy on military logistics and U…
🟢 il y a 22h BleepingComputer
SAP has addressed 16 vulnerabilities across multiple products as part of its July 2026 security updates, including three critical flaws in NetWeaver, Commerce C…
🟢 il y a 22h TheHackerNews
AI security agents are starting to influence real security decisions. They summarize findings, prioritize remediation, recommend next steps, and help teams move…
🟢 il y a 22h TheHackerNews
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry.…
🟢 il y a 22h SecurityWeek
The flaws could allow attackers to access and modify data, and cause system unavailability and request-response desynchronization. The post SAP Patches Criti…
🟢 il y a 22h DarkReading
Researchers reported the vulnerability to Cursor in December, but it still remains in the popular AI coding platform and can be exploited in poisoned repository…
🟢 il y a 22h SecurityWeek
Multiple state-sponsored APTs are compromising poorly secured devices across critical infrastructure sector networks. The post US, Allies Warn of Russian Cyb…
🟢 il y a 22h BleepingComputer
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against U.S. or…
🟢 il y a 22h SecurityWeek
UK-based cybersecurity firm Valarian has raised a total of $70 million for its ACRA technology. The post Valarian Raises $50 Million for Sovereign Infrastruc…
🟢 il y a 22h SecurityWeek
A threat actor poisoned several Jscrambler NPM package versions to drop a cross-platform credential stealer. The post Multiple Jscrambler Packages Impacted b…
🟢 il y a 22h TheHackerNews
xAI's Grok Build coding CLI was uploading entire Git repositories, full commit history and all, to a Google Cloud Storage bucket run by xAI, not just the files …
🟢 il y a 22h TheHackerNews
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has designated two individuals and a VPN service provider for enabling ransomware actors'…
🟢 il y a 22h SecurityWeek
A new CMMC review and reform task force will conduct a comprehensive review of the program. The post Pentagon Suspends CMMC Phase 2 as It Rethinks Contractor…
🟢 il y a 22h TheHackerNews
Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without explo…
🟡 hier RecordedFuture
The retailer said the incident did not affect its online shopping platform itself but involved a separately stored customer database maintained by a third-party…

L'écosystème

Digimoove ESN Paris — Cyber · Cloud · Automatisation IA · Observabilité NAIvigate Veille & formation IA FactualRisk est une marque de l'écosystème Digimoove