<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Cybersecurity &#8211; News about Cybersecurity</title>
	<atom:link href="https://cyber.kiminox.net/category/cybersecurity/feed/" rel="self" type="application/rss+xml" />
	<link>https://cyber.kiminox.net</link>
	<description></description>
	<lastBuildDate>Mon, 15 Jun 2026 08:05:32 +0000</lastBuildDate>
	<language>fr-FR</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>
	<item>
		<title>[Cybersécurité] Anti-DDoS Firm Heaped Attacks on Brazilian ISPs</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-anti-ddos-firm-heaped-attacks-on-brazilian-isps-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-anti-ddos-firm-heaped-attacks-on-brazilian-isps-4/</guid>

					<description><![CDATA[A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks ]]></description>
										<content:encoded><![CDATA[<h2>Anti-DDoS Firm Heaped Attacks on Brazilian ISPs</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm&rsquo;s chief executive says the malicious activity resulted from a security breach and was likely the work of a competitor trying to tarnish his company&rsquo;s public image.</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://krebsonsecurity.com/2026/04/anti-ddos-firm-heaped-attacks-on-brazilian-isps/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Popular node-ipc npm package compromised to steal credentials</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-popular-node-ipc-npm-package-compromised-to-steal-credentials-2/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-popular-node-ipc-npm-package-compromised-to-steal-credentials-2/</guid>

					<description><![CDATA[Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. [...]]]></description>
										<content:encoded><![CDATA[<h2>Popular node-ipc npm package compromised to steal credentials</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. [&#8230;]</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://www.bleepingcomputer.com/news/security/popular-node-ipc-npm-package-compromised-to-steal-credentials/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker-4/</guid>

					<description><![CDATA[A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports o]]></description>
										<content:encoded><![CDATA[<h2>Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker</h2>
<p><strong>Score pertinence:</strong> 65/100</p>
<p>A hacktivist group with links to Iran&rsquo;s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker&rsquo;s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker&rsquo;s main U.S. headquarters says the company is currently experiencing a building emergency.</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-pan-os-rce-exploit-under-active-use-enabling-root-access-and-espionage-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-pan-os-rce-exploit-under-active-use-enabling-root-access-and-espionage-4/</guid>

					<description><![CDATA[Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026.
The vulnerability in question is]]></description>
										<content:encoded><![CDATA[<h2>PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026.<br />
The vulnerability in question is CVE-2026-0300 (CVSS score: 9.3/8.7), a buffer overflow vulnerability in the User-ID Authentication Portal service of Palo Alto Networks PAN-OS software that could allow an unauthenticated attacker</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/pan-os-rce-exploit-under-active-use.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-pcpjack-credential-stealer-exploits-5-cves-to-spread-worm-like-across-cloud-systems-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-pcpjack-credential-stealer-exploits-5-cves-to-spread-worm-like-across-cloud-systems-4/</guid>

					<description><![CDATA[Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environ]]></description>
										<content:encoded><![CDATA[<h2>PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments.<br />
« The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/pcpjack-credential-stealer-exploits-5.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-linux-kernel-dirty-frag-lpe-exploit-enables-root-access-across-major-distributions-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-linux-kernel-dirty-frag-lpe-exploit-enables-root-access-across-major-distributions-4/</guid>

					<description><![CDATA[Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel.
Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31]]></description>
										<content:encoded><![CDATA[<h2>Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel.<br />
Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31431, CVSS score: 7.8), a recently disclosed LPE flaw impacting the Linux kernel that has since come under active exploitation in the wild. The vulnerability was reported to Linux kernel maintainers</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/linux-kernel-dirty-frag-lpe-exploit.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] OpenAI confirms security breach in TanStack supply chain attack</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-openai-confirms-security-breach-in-tanstack-supply-chain-attack-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-openai-confirms-security-breach-in-tanstack-supply-chain-attack-4/</guid>

					<description><![CDATA[OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for]]></description>
										<content:encoded><![CDATA[<h2>OpenAI confirms security breach in TanStack supply chain attack</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>OpenAI says two employees&rsquo; devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. [&#8230;]</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] One Click, Total Shutdown: The « Patient Zero » Webinar on Killing Stealth Breaches</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-one-click-total-shutdown-the-patient-zero-webinar-on-killing-stealth-breaches-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-one-click-total-shutdown-the-patient-zero-webinar-on-killing-stealth-breaches-4/</guid>

					<description><![CDATA[The hardest part of cybersecurity isn't the technology, it’s the people.
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one "Patient Zero"]]></description>
										<content:encoded><![CDATA[<h2>One Click, Total Shutdown: The « Patient Zero » Webinar on Killing Stealth Breaches</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>The hardest part of cybersecurity isn&rsquo;t the technology, it’s the people.<br />
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one « Patient Zero » infection.<br />
In 2026, hackers are using AI to make these « first clicks » nearly impossible to spot. If a single laptop gets compromised on your watch, do you have a plan to stop it from taking down</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/one-click-total-shutdown-patient-zero.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-threatsday-bulletin-edge-plaintext-passwords-ics-0-days-patch-or-die-alerts-and-25-new-stories-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-threatsday-bulletin-edge-plaintext-passwords-ics-0-days-patch-or-die-alerts-and-25-new-stories-4/</guid>

					<description><![CDATA[Bad week.
Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels]]></description>
										<content:encoded><![CDATA[<h2>ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories</h2>
<p><strong>Score pertinence:</strong> 61/100</p>
<p>Bad week.<br />
Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels like it’s normal. Some of these attack chains don’t even feel sophisticated anymore. More like some tired guy with a Telegram account and too much free time. The worst part is how often this stuff</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/threatsday-bulletin-edge-plaintext.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-ivanti-epmm-cve-2026-6973-rce-under-active-exploitation-grants-admin-level-access-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-ivanti-epmm-cve-2026-6973-rce-under-active-exploitation-grants-admin-level-access-4/</guid>

					<description><![CDATA[Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.
The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), ]]></description>
										<content:encoded><![CDATA[<h2>Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.<br />
The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2), is a case of improper input validation affecting EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1.<br />
It allows « a remotely authenticated user with administrative access to achieve remote code</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/ivanti-epmm-cve-2026-6973-rce-under.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
