FACTUALRISK Cyber Intelligence
Mise à jour : 14 Jul 2026 · 18:04
← Accueil
🗞 Briefing
💥 Menaces
🛡 Vulnérabilités
📋 Conformité
📚 Guides
← Retour FactualRisk
📰 Actualités Cyber — 40 articles · 7 derniers jours Collecte automatique
LastPass, Bitwarden users targeted with fake security alerts
BleepingComputer
14 Jul 2026 · 15:31
LastPass is warning users about an ongoing phishing campaign that is using fake security notices to direct them to fraudulent websites. [...]
→ Lire l'article
Frontier AI: The Genie's Out of the Bottle, But Where's the Rulebook?
Dark Reading
14 Jul 2026 · 14:02
Cutting-edge artificial intelligence models are deploying with more independence and less human oversight. Several state governments are trying to legislate transparency in their use.
→ Lire l'article
You Don't Have to Run an Exploit to Know If You're Vulnerable
BleepingComputer
14 Jul 2026 · 14:00
Many vulnerabilities cannot be safely validated with live exploits, either because no exploit exists or the affected systems are too critical to test. Picus explains how TTP chaining helps organizations determine exploitability by validating the attack techniques an exploit depends on, without launching the exploit itself. [...]
→ Lire l'article
7 Severe Vulnerabilities Patched in VMware Avi Load Balancer
SecurityWeek
14 Jul 2026 · 13:55
The flaws can be exploited for authentication bypass, remote code execution, privilege escalation, and directory traversal. The post 7 Severe Vulnerabilities Patched in VMware Avi Load Balancer appeared first on SecurityWeek .
→ Lire l'article
RabbitMQ Flaws Could Leak OAuth Secrets and Expose Cross-Tenant Queue Metadata
The Hacker News
14 Jul 2026 · 13:48
Cybersecurity researchers have disclosed details of two access control-related flaws impacting the RabbitMQ message broker service that could allow attackers to leak OAuth client secrets, expose enterprise messaging infrastructure to takeover risks, and bypass tenant boundaries. Miggo's security team, which discovered and reported the flaws, said one "leaks the broker's confidential OAuth
→ Lire l'article
Unpatched Claude for Chrome Flaw Lets Extensions Read Gmail, Calendar
SecurityWeek
14 Jul 2026 · 13:00
A ClaudeBleed-linked vulnerability reportedly persists across eight patches, exposing potentially sensitive data to other extensions.  The post Unpatched Claude for Chrome Flaw Lets Extensions Read Gmail, Calendar appeared first on SecurityWeek .
→ Lire l'article
Microsoft Entra ID gets passkeys default authentication starting September
BleepingComputer
14 Jul 2026 · 12:49
Microsoft has announced that passkeys will become the default authentication method for the Entra ID enterprise identity service starting September 2026. [...]
→ Lire l'article
New phishing kits target Microsoft 365 accounts, evade MFA
BleepingComputer
14 Jul 2026 · 12:49
Two new phishing kits, Jalisco and OmegaLord, have been discovered in attacks targeting Microsoft 365 accounts, using techniques that defeat multi-factor authentication (MFA). [...]
→ Lire l'article
11 Old Microsoft-Signed Linux UEFI Shims Could Let Attackers Bypass Secure Boot
The Hacker News
14 Jul 2026 · 12:46
Cybersecurity researchers have discovered 11 old, Microsoft-signed, Unified Extensible Firmware Interface (UEFI) applications that could be abused to bypass Secure Boot on most systems using the modern firmware standard. "An attacker exploiting one of these vulnerable applications can execute untrusted code during system boot, enabling deployment of malicious UEFI bootkits or other malware,"
→ Lire l'article
Study of 85 Crypto Wallet Extensions Finds Address Leaks and Cross-Site Tracking Risks
The Hacker News
14 Jul 2026 · 11:55
Researchers at KU Leuven tested 85 of the most popular crypto wallets that run as browser extensions and found that the wallets themselves leak enough to link and track the people using them. The way these wallets talk to websites and blockchain servers can tie a person's separate addresses together and let outsiders follow them from site to site. And on a site that already holds a name or
→ Lire l'article
SAP warns of critical flaws in NetWeaver and Commerce Cloud
BleepingComputer
14 Jul 2026 · 11:42
SAP has addressed 16 vulnerabilities across multiple products as part of its July 2026 security updates, including three critical flaws in NetWeaver, Commerce Cloud, and AppRouter. [...]
→ Lire l'article
How Pentera Turns AI Security Workflows into Validation Engines
The Hacker News
14 Jul 2026 · 11:30
AI security agents are starting to influence real security decisions. They summarize findings, prioritize remediation, recommend next steps, and help teams move faster. But most still rely on fragmented risk signals: scanner output, severity scores, threat intelligence, configuration findings, and exposure data. That fragmentation matters because attackers do not move through environments one
→ Lire l'article
OAuth Client ID Spoofing Lets Attackers Validate Stolen Microsoft Entra Credentials
The Hacker News
14 Jul 2026 · 11:21
At least two distinct threat actors are weaponizing a novel evasion technique called OAuth client ID spoofing in cloud campaigns, while slipping past telemetry. The activity allows users to enumerate user accounts and validate stolen credentials in Microsoft Entra ID environments, without ever generating a successful sign-in event that would otherwise alert defenders. And bad actors have begun
→ Lire l'article
SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud
SecurityWeek
14 Jul 2026 · 11:17
The flaws could allow attackers to access and modify data, and cause system unavailability and request-response desynchronization. The post SAP Patches Critical Vulnerabilities in NetWeaver, Approuter, Commerce Cloud appeared first on SecurityWeek .
→ Lire l'article
Cursor IDE Auto-Executes Malicious Code in Poisoned Repos
Dark Reading
14 Jul 2026 · 11:00
Researchers reported the vulnerability to Cursor in December, but it still remains in the popular AI coding platform and can be exploited in poisoned repository attacks.
→ Lire l'article
US, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure Routers
SecurityWeek
14 Jul 2026 · 10:51
Multiple state-sponsored APTs are compromising poorly secured devices across critical infrastructure sector networks. The post US, Allies Warn of Russian Cyberattacks Targeting Critical Infrastructure Routers appeared first on SecurityWeek .
→ Lire l'article
Microsoft starts testing cleaner Windows Search without ads
BleepingComputer
14 Jul 2026 · 10:47
Microsoft is now testing a cleaner and faster version of Windows Search that should prioritize relevant results over ads and promotional content. [...]
→ Lire l'article
US sanctions VPN, malware providers for enabling ransomware attacks
BleepingComputer
14 Jul 2026 · 09:40
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and one entity for enabling ransomware attacks against U.S. organizations. [...]
→ Lire l'article
Valarian Raises $50 Million for Sovereign Infrastructure Control Layer
SecurityWeek
14 Jul 2026 · 09:32
UK-based cybersecurity firm Valarian has raised a total of $70 million for its ACRA technology. The post Valarian Raises $50 Million for Sovereign Infrastructure Control Layer appeared first on SecurityWeek .
→ Lire l'article
Multiple Jscrambler Packages Impacted by Supply Chain Attack
SecurityWeek
14 Jul 2026 · 09:04
A threat actor poisoned several Jscrambler NPM package versions to drop a cross-platform credential stealer. The post Multiple Jscrambler Packages Impacted by Supply Chain Attack appeared first on SecurityWeek .
→ Lire l'article
Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read
The Hacker News
14 Jul 2026 · 09:02
xAI's Grok Build coding CLI was uploading entire Git repositories, full commit history and all, to a Google Cloud Storage bucket run by xAI, not just the files a coding task needed. A researcher publishing as cereblab, testing version 0.2.93, captured one of those uploads, cloned the git bundle out of the intercepted request, and pulled back a file the agent had been told in plain terms not
→ Lire l'article
[Video] Where protection starts: Cisco Talos Intelligence Integrations
Cisco Talos
14 Jul 2026 · 08:47
Every day, defenders make high-consequence decisions with incomplete information. Learn how Cisco Talos Intelligence Integrations help reduce uncertainty by turning the latest threat intelligence into proactive protections across Cisco technologies.
→ Lire l'article
U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support
The Hacker News
14 Jul 2026 · 08:02
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has designated two individuals and a VPN service provider for enabling ransomware actors' and other cybercriminals' malicious activities, including ransomware attacks against Americans. The VPN, named First VPN Service (1VPNS), has been accused of offering its tools to ransomware groups, along with its 45-year-old Ukrainian
→ Lire l'article
The serpent’s tongue: Luring the Python out of its den
Cisco Talos
14 Jul 2026 · 08:00
This blog examines the full lifecycle of a Python package, from hosting on repositories such as PyPI or custom web servers, through source and wheel distribution formats, to the final installation into virtual or system-wide Python environments.
→ Lire l'article
148 npm Packages Disguised as Student Proxies Turned Browsers Into a DDoS Botnet
The Hacker News
14 Jul 2026 · 07:08
A campaign of 148 npm packages disguised as student web proxies turned visitors' browsers into a distributed denial-of-service botnet for roughly two weeks in May, according to new research from JFrog. The packages did not go after the developers who might install them. The operators used the registry as free hosting for a booby-trapped proxy site and let the students who came to dodge
→ Lire l'article
Pentagon Suspends CMMC Phase 2 as It Rethinks Contractor Cybersecurity Rules
SecurityWeek
14 Jul 2026 · 06:37
A new CMMC review and reform task force will conduct a comprehensive review of the program. The post Pentagon Suspends CMMC Phase 2 as It Rethinks Contractor Cybersecurity Rules appeared first on SecurityWeek .
→ Lire l'article
Microsoft Maps Three Salesforce Attack Paths Tied to a Year of ShinyHunters Activity
The Hacker News
14 Jul 2026 · 06:19
Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform. The way in has been the trust the organization had already extended, usually through the OAuth connections that tie Salesforce to the apps and third-party vendors around it. In
→ Lire l'article
Japan's largest taxi operator shuts systems after cyberattack
BleepingComputer
13 Jul 2026 · 20:18
Japan's largest taxi operator, Nihon Kotsu, announced that its systems were compromised in a cyberattack, forcing the company to shut down part of its infrastructure. [...]
→ Lire l'article
Hackers backdoor Jscrambler npm package with infostealer malware
BleepingComputer
13 Jul 2026 · 19:44
The Jscrambler client-side web security company disclosed that a threat actor published a malicious version of its npm package that has been downloaded almost 1,500 times. [...]
→ Lire l'article
Weak Security Continues to Fuel Russian Cyberattacks
Dark Reading
13 Jul 2026 · 19:24
In a first, the UK and the EU jointly imposed sanctions on Russian individuals and entities for cyberattacks and disinformation campaigns in the region.
→ Lire l'article
New CrashStealer malware poses as Apple crash reporting tool
BleepingComputer
13 Jul 2026 · 19:04
A new macOS information-stealing malware called CrashStealer pretends to be Apple's crash-reporting tool to steal credentials, keychain data, and crypto wallets. [...]
→ Lire l'article
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
The Hacker News
13 Jul 2026 · 17:36
Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that's capable of harvesting sensitive data from compromised systems. Unlike other information stealers that are built on AppleScript droppers or Objective-C-based wrappers, CrashStealer is implemented in native C++, according to Jamf Threat Labs. "It validates the victim's login password locally before
→ Lire l'article
Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
The Hacker News
13 Jul 2026 · 17:17
Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly 1.6 million installs across Chrome and Edge, after researchers found a hidden browsing-history collector built into its official store version. The collector was dormant. An empty allow-list kept it switched off, and no proof has emerged that it ever gathered or sent a single browsing domain. The
→ Lire l'article
'Yellow Teams' Are Defining the Future of AI Security
Dark Reading
13 Jul 2026 · 16:18
In some companies, engineers are building defense and attack tools to test the potential of artificial intelligence for cybersecurity — and its threat.
→ Lire l'article
CISA warns of actively exploited RCE flaws in Joomla extensions
BleepingComputer
13 Jul 2026 · 15:20
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that attackers are exploiting vulnerabilities in the iCagenda and Balbooa Forms extensions for Joomla to achieve remote code execution through arbitrary file uploads. [...]
→ Lire l'article
⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More
The Hacker News
13 Jul 2026 · 15:05
Somewhere right now, a security tool is quietly finding bugs faster than any human can fix them. That's supposed to be the good news. The catch is that the attackers have the same tools, pointed the other way, and they don't file tickets. That's the shape of this week. Trusted code turns on the people who installed it. Old bugs from last year are still landing because the fix sat in a queue too
→ Lire l'article
Lessons Learned from CISA’s Recent GitHub Leak
Krebs on Security
13 Jul 2026 · 15:03
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a postmortem on a data leak in which a contractor published dozens of internal CISA credentials -- including AWS Govcloud keys -- in a public GitHub repository for almost six months before being notified by KrebsOnSecurity. Experts say the gaps identified in the agency's initial response provide important lessons that all secur
→ Lire l'article
GigaWiper Lets Threat Actors Choose Their Own Destructive Attack
Dark Reading
13 Jul 2026 · 14:50
A modular implant borrows from various malware families to combine both backdoor and wiper activities to maximize impact and minimize operational output.
→ Lire l'article
Hacker Conversations: Jesse McGraw (GhostExodus), From Blackhat Hacker to Redemption
SecurityWeek
13 Jul 2026 · 14:30
Once a notorious blackhat hacker, McGraw shares his journey from high school hacking and prison to redemption as a cybersecurity advocate. The post Hacker Conversations: Jesse McGraw (GhostExodus), From Blackhat Hacker to Redemption appeared first on SecurityWeek .
→ Lire l'article
Lidl discloses online shop breach after service provider hack
BleepingComputer
13 Jul 2026 · 14:19
German discount supermarket chain Lidl notified customers in Germany, Belgium, and the Netherlands that attackers stole their personal information in a breach at a service provider. [...]
→ Lire l'article
Sources surveillées
BleepingComputerThe Hacker NewsKrebs on SecurityCERT-FRCisco TalosSecurityWeekDark Reading

L'écosystème

Digimoove ESN Paris — Cyber · Cloud · Automatisation IA · Observabilité NAIvigate Veille & formation IA FactualRisk est une marque de l'écosystème Digimoove