Catégorie : Cybersecurity
[Cybersécurité] Funnel Builder WordPress plugin bug exploited to steal credit cards
A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. […]
[Cybersécurité] Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Inte
[Cybersécurité] Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation
Google on Monday disclosed that it identified an unknown threat actor using a zero-day exploit that it said was likely developed with an artificial intelligence (AI) system, marking the first time the
[Cybersécurité] Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. […]
[Cybersécurité] Patch Tuesday, April 2026 Edition
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly di
[Cybersécurité] Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
During the second day of Pwn2Own Berlin 2026, competitors collected $385,750 in cash awards after exploiting 15 unique zero-day vulnerabilities in multiple products, including Windows 11, Microsoft E
[Cybersécurité] Trellix Source Code Breach Highlights Growing Supply Chain Threats
Info is scant, but such breaches can reveal where a security product’s controls are located and how detections are designed, giving attackers a leg up.
[Cybersécurité] Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code
[Cybersécurité] Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access
The Russian state-sponsored hacking group known as
Turla
has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent ac
[Cybersécurité] Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine.
Active since at least 2016, Ghostwriter has been li
![[Cybersécurité] Funnel Builder WordPress plugin bug exploited to steal credit cards](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4202-1780738583-100x100.png)
![[Cybersécurité] Feds Disrupt IoT Botnets Behind Huge DDoS Attacks](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4218-1780643303-100x100.png)
![[Cybersécurité] Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4203-1780687716-100x100.png)
![[Cybersécurité] Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4204-1780687598-100x100.png)
![[Cybersécurité] Patch Tuesday, April 2026 Edition](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4205-1780687503-100x100.png)
![[Cybersécurité] Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4206-1780679315-100x100.png)
![[Cybersécurité] Trellix Source Code Breach Highlights Growing Supply Chain Threats](https://cyber.kiminox.net/wp-content/uploads/2024/10/cybersecurity_img2-100x100.png)