Auteur/autrice : Cyber Redaction
[Cybersécurité] Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
A threat actor with affiliations to China has been linked to a « multi-wave intrusion » targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an
[Cybersécurité] Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in further malicious activity.
[Cybersécurité] Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco’s network control system.
[Cybersécurité] Patch Tuesday, April 2026 Edition
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly di
[Cybersécurité] KongTuke hackers now use Microsoft Teams for corporate breaches
Initial access broker KongTuke has moved to Microsoft Teams for social engineering attacks, taking as little as five minutes to gain persistent access to corporate networks. […]
[Cybersécurité] New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution.
Exim is an open-source Mail Tra
[Cybersécurité] 18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. [.
[Cybersécurité] Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code
[Cybersécurité] Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. […]
[Cybersécurité] Webinar: What the Riskiest SOC Alerts Go Unanswered – and How Radiant Security Can Help
Why do the Riskiest SOC Alerts Go Unanswered?
Security operations teams are drowning in alerts. But the real problem isn’t always alert volume; it’s the blind spots. The most dangerous alerts are the
![[Cybersécurité] Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation](https://cyber.kiminox.net/wp-content/uploads/2024/10/cybersecurity_img2-100x100.png)