Catégorie : Cybersecurity
[Cybersécurité] Patch Tuesday, April 2026 Edition
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly di
[Cybersécurité] Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft E
[Cybersécurité] Microsoft warns of Exchange zero-day flaw exploited in attacks
On Thursday, Microsoft shared mitigations for a high-severity Exchange Server vulnerability exploited in attacks that allow threat actors to execute arbitrary code via cross-site scripting (XSS) while
[Cybersécurité] Anti-DDoS Firm Heaped Attacks on Brazilian ISPs
A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks
[Cybersécurité] Popular node-ipc npm package compromised to steal credentials
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. […]
[Cybersécurité] Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran’s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports o
[Cybersécurité] PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026.
The vulnerability in question is
[Cybersécurité] PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems
Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environ
[Cybersécurité] Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel.
Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31
[Cybersécurité] OpenAI confirms security breach in TanStack supply chain attack
OpenAI says two employees’ devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for
![[Cybersécurité] Patch Tuesday, April 2026 Edition](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4205-1780687503-100x100.png)
![[Cybersécurité] Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4206-1780679315-100x100.png)
![[Cybersécurité] Microsoft warns of Exchange zero-day flaw exploited in attacks](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4207-1780642622-100x100.png)
![[Cybersécurité] Anti-DDoS Firm Heaped Attacks on Brazilian ISPs](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4208-1780679089-100x100.png)
![[Cybersécurité] Popular node-ipc npm package compromised to steal credentials](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4193-1781507736-100x100.png)
![[Cybersécurité] Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4209-1780678855-100x100.png)
![[Cybersécurité] PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage](https://cyber.kiminox.net/wp-content/uploads/2024/10/cybersecurity_img2-100x100.png)
![[Cybersécurité] PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4210-1780674439-100x100.png)
![[Cybersécurité] OpenAI confirms security breach in TanStack supply chain attack](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4211-1780669092-100x100.png)