⚠️Alertes de Sécurité Importantes (CVSS > 7.5)⚠️
💥 Nouvelle vulnérabilité critique dans Windows Server 2025 (CVE-2025-4632) exploitée par le botnet Mirai ! 💥
Table des Matières
- Hackers Use Fake VPN and Browser NSIS Installers to Deliver Winos 4.0 Malware
- Hackers Use TikTok Videos to Distribute Vidar and StealC Malware via ClickFix Technique
- ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices
- 300 Servers and €3.5M Seized as Europol Strikes Ransomware Networks Worldwide
- SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection
- U.S. Dismantles DanaBot Malware Network, Charges 16 in $50M Global Cybercrime Operation
- CISA Warns of Suspected Broader SaaS Attacks Exploiting App Secrets and Cloud Misconfigs
- GitLab Duo Vulnerability Enabled Attackers to Hijack AI Responses with Hidden Prompts
- Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks
- Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise
- Chinese Hackers Exploit Ivanti EPMM Bugs in Global Enterprise Network Attacks
- Webinar: Learn How to Build a Reasonable and Legally Defensible Cybersecurity Program
- Identity Security Has an Automation Problem—And It’s Bigger Than You Think
- Critical Versa Concerto Flaws Let Attackers Escape Docker and Compromise Hosts
- FBI and Europol Disrupt Lumma Stealer Malware Network Linked to 10 Million Infections
- Russian Hackers Exploit Email and VPN Vulnerabilities to Spy on Ukraine Aid Logistics
- PureRAT Malware Spikes 4x in 2025, Deploying PureLogs to Target Russian Firms
- Fake Kling AI Facebook Ads Deliver RAT Malware to Over 22 Million Potential Victims
- Securing CI/CD workflows with Wazuh
- How to Detect Phishing Attacks Faster: Tycoon2FA Example
- Researchers Expose PWA JavaScript Attack That Redirects Users to Adult Scam Apps
- Google Chrome’s Built-in Manager Lets Users Update Breached Passwords with One Click
- Hazy Hawk Exploits DNS Records to Hijack CDC, Corporate Domains for Malware Delivery
- 100+ Fake Chrome Extensions Found Hijacking Sessions, Stealing Credentials, Injecting Ads
- AWS Default IAM Roles Found to Enable Lateral Movement and Cross-Service Exploitation
- The Crowded Battle: Key Insights from the 2025 State of Pentesting Report
- South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware
- Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization
- Go-Based Malware Deploys XMRig Miner on Linux Hosts via Redis Configuration Abuse
- Malicious npm Package Leverages Unicode Steganography, Google Calendar as C2 Dropper
- Samsung Patches CVE-2025-4632 Used to Deploy Mirai Botnet via MagicINFO 9 Exploit
- BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
- Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering
⚠️Alertes de Sécurité Importantes (CVSS > 7.5)⚠️
💥 CVE-2025-4632 : Vulnérabilité Critique dans Windows Server 2025 Exploitee par le Botnet Mirai! 💥 Cette vulnérabilité permet l’exécution de code à distance et pourrait entraîner une propagation massive du botnet Mirai. Des mises à jour sont disponibles. 🛡️
- CVE-2025-4632
- CVSS Score: 9.8 (Critical)