Catégorie : Cybersecurity
[Cybersécurité] Funnel Builder WordPress plugin bug exploited to steal credit cards
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. […]
[Cybersécurité] Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Inte
[Cybersécurité] Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the
[Cybersécurité] Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. […]
[Cybersécurité] Patch Tuesday, April 2026 Edition
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly di
[Cybersécurité] Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft E
[Cybersécurité] Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while
[Cybersécurité] Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks
[Cybersécurité] Popular node-ipc npm package compromised to steal credentials
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. […]
[Cybersécurité] Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports o
![[Cybersécurité] Funnel Builder WordPress plugin bug exploited to steal credit cards](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4202-1780738583-100x100.png)
![[Cybersécurité] Feds Disrupt IoT Botnets Behind Huge DDoS Attacks](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4218-1780643303-100x100.png)
![[Cybersécurité] Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4203-1780687716-100x100.png)
![[Cybersécurité] Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4204-1780687598-100x100.png)
![[Cybersécurité] Patch Tuesday, April 2026 Edition](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4205-1780687503-100x100.png)
![[Cybersécurité] Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4206-1780679315-100x100.png)
![[Cybersécurité] Microsoft warns of Exchange zero-day flaw exploited in attacks](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4207-1780642622-100x100.png)
![[Cybersécurité] Anti-DDoS Firm Heaped Attacks on Brazilian ISPs](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4208-1780679089-100x100.png)
![[Cybersécurité] Popular node-ipc npm package compromised to steal credentials](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4193-1781507736-100x100.png)
![[Cybersécurité] Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4209-1780678855-100x100.png)