<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Cyber Redaction &#8211; News about Cybersecurity</title>
	<atom:link href="https://cyber.kiminox.net/author/redacteur-cyber/feed/" rel="self" type="application/rss+xml" />
	<link>https://cyber.kiminox.net</link>
	<description></description>
	<lastBuildDate>Mon, 15 Jun 2026 08:05:32 +0000</lastBuildDate>
	<language>fr-FR</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>
	<item>
		<title>[Cybersécurité] One Click, Total Shutdown: The « Patient Zero » Webinar on Killing Stealth Breaches</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-one-click-total-shutdown-the-patient-zero-webinar-on-killing-stealth-breaches-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-one-click-total-shutdown-the-patient-zero-webinar-on-killing-stealth-breaches-4/</guid>

					<description><![CDATA[The hardest part of cybersecurity isn't the technology, it’s the people.
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one "Patient Zero"]]></description>
										<content:encoded><![CDATA[<h2>One Click, Total Shutdown: The « Patient Zero » Webinar on Killing Stealth Breaches</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>The hardest part of cybersecurity isn&rsquo;t the technology, it’s the people.<br />
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one « Patient Zero » infection.<br />
In 2026, hackers are using AI to make these « first clicks » nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/one-click-total-shutdown-patient-zero.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-windows-zero-days-expose-bitlocker-bypasses-and-ctfmon-privilege-escalation-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-windows-zero-days-expose-bitlocker-bypasses-and-ctfmon-privilege-escalation-4/</guid>

					<description><![CDATA[An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Wind]]></description>
										<content:encoded><![CDATA[<h2>Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation</h2>
<p><strong>Score pertinence:</strong> 94/100</p>
<p>An anonymous cybersecurity researcher who disclosed three Microsoft Defender vulnerabilities has returned with two more zero-days involving a BitLocker bypass and a privilege escalation impacting Windows Collaborative Translation Framework (CTFMON).<br />
The security defects have been codenamed YellowKey and GreenPlasma, respectively, by the researcher, who goes by the online aliases Chaotic Eclipse</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/windows-zero-days-expose-bitlocker.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Feds Disrupt IoT Botnets Behind Huge DDoS Attacks</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-feds-disrupt-iot-botnets-behind-huge-ddos-attacks-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-feds-disrupt-iot-botnets-behind-huge-ddos-attacks-4/</guid>

					<description><![CDATA[The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Inte]]></description>
										<content:encoded><![CDATA[<h2>Feds Disrupt IoT Botnets Behind Huge DDoS Attacks</h2>
<p><strong>Score pertinence:</strong> 90/100</p>
<p>The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets &#8212; named Aisuru, Kimwolf, JackSkid and Mossad &#8212; are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://krebsonsecurity.com/2026/03/feds-disrupt-iot-botnets-behind-huge-ddos-attacks/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Popular node-ipc npm package compromised to steal credentials</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-popular-node-ipc-npm-package-compromised-to-steal-credentials-2/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-popular-node-ipc-npm-package-compromised-to-steal-credentials-2/</guid>

					<description><![CDATA[Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. [...]]]></description>
										<content:encoded><![CDATA[<h2>Popular node-ipc npm package compromised to steal credentials</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. [&#8230;]</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://www.bleepingcomputer.com/news/security/popular-node-ipc-npm-package-compromised-to-steal-credentials/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Funnel Builder WordPress plugin bug exploited to steal credit cards</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/</guid>

					<description><![CDATA[A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. [...]]]></description>
										<content:encoded><![CDATA[<h2>Funnel Builder WordPress plugin bug exploited to steal credit cards</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. [&#8230;]</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://www.bleepingcomputer.com/news/security/funnel-builder-wordpress-plugin-bug-exploited-to-steal-credit-cards/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-linux-kernel-dirty-frag-lpe-exploit-enables-root-access-across-major-distributions-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-linux-kernel-dirty-frag-lpe-exploit-enables-root-access-across-major-distributions-4/</guid>

					<description><![CDATA[Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel.
Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31]]></description>
										<content:encoded><![CDATA[<h2>Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel.<br />
Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31431, CVSS score: 7.8), a recently disclosed LPE flaw impacting the Linux kernel that has since come under active exploitation in the wild. The vulnerability was reported to Linux kernel maintainers</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/linux-kernel-dirty-frag-lpe-exploit.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-ivanti-epmm-cve-2026-6973-rce-under-active-exploitation-grants-admin-level-access-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-ivanti-epmm-cve-2026-6973-rce-under-active-exploitation-grants-admin-level-access-4/</guid>

					<description><![CDATA[Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.
The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), ]]></description>
										<content:encoded><![CDATA[<h2>Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.<br />
The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1.<br />
It allows « a remotely authenticated user with administrative access to achieve remote code</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-openai-launches-daybreak-for-ai-powered-vulnerability-detection-and-patch-validation-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-openai-launches-daybreak-for-ai-powered-vulnerability-detection-and-patch-validation-4/</guid>

					<description><![CDATA[OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch v]]></description>
										<content:encoded><![CDATA[<h2>OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>OpenAI has launched Daybreak, a new cybersecurity initiative that brings together frontier artificial intelligence (AI) model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues.<br />
« Daybreak combines the intelligence of OpenAI models, the extensibility of Codex as an agentic harness, and our partners across</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/openai-launches-daybreak-for-ai-powered.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-praisonai-cve-2026-44338-auth-bypass-targeted-within-hours-of-disclosure-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-praisonai-cve-2026-44338-auth-bypass-targeted-within-hours-of-disclosure-4/</guid>

					<description><![CDATA[Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of its public dis]]></description>
										<content:encoded><![CDATA[<h2>PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of its public disclosure.<br />
The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/praisonai-cve-2026-44338-auth-bypass.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-pan-os-rce-exploit-under-active-use-enabling-root-access-and-espionage-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-pan-os-rce-exploit-under-active-use-enabling-root-access-and-espionage-4/</guid>

					<description><![CDATA[Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026.
The vulnerability in question is]]></description>
										<content:encoded><![CDATA[<h2>PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026.<br />
The vulnerability in question is CVE-2026-0300 (CVSS score: 9.3/8.7), a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software that could allow an unauthenticated attacker</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/pan-os-rce-exploit-under-active-use.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
