<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>News about Cybersecurity</title>
	<atom:link href="https://cyber.kiminox.net/feed/" rel="self" type="application/rss+xml" />
	<link>https://cyber.kiminox.net</link>
	<description></description>
	<lastBuildDate>Fri, 05 Jun 2026 19:15:27 +0000</lastBuildDate>
	<language>fr-FR</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>
	<item>
		<title>[Cybersécurité] Feds Disrupt IoT Botnets Behind Huge DDoS Attacks</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-feds-disrupt-iot-botnets-behind-huge-ddos-attacks-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-feds-disrupt-iot-botnets-behind-huge-ddos-attacks-4/</guid>

					<description><![CDATA[The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Inte]]></description>
										<content:encoded><![CDATA[<h2>Feds Disrupt IoT Botnets Behind Huge DDoS Attacks</h2>
<p><strong>Score pertinence:</strong> 90/100</p>
<p>The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets &#8212; named Aisuru, Kimwolf, JackSkid and Mossad &#8212; are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://krebsonsecurity.com/2026/03/feds-disrupt-iot-botnets-behind-huge-ddos-attacks/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] 18-year-old NGINX vulnerability allows DoS, potential RCE</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-18-year-old-nginx-vulnerability-allows-dos-potential-rce-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-18-year-old-nginx-vulnerability-allows-dos-potential-rce-4/</guid>

					<description><![CDATA[An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. [.]]></description>
										<content:encoded><![CDATA[<h2>18-year-old NGINX vulnerability allows DoS, potential RCE</h2>
<p><strong>Score pertinence:</strong> 82/100</p>
<p>An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. [&#8230;]</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://www.bleepingcomputer.com/news/security/18-year-old-nginx-vulnerability-allows-dos-potential-rce/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-windows-11-and-microsoft-edge-hacked-at-pwn2own-berlin-2026-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-windows-11-and-microsoft-edge-hacked-at-pwn2own-berlin-2026-4/</guid>

					<description><![CDATA[On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. [...]]]></description>
										<content:encoded><![CDATA[<h2>Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026</h2>
<p><strong>Score pertinence:</strong> 67/100</p>
<p>On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. [&#8230;]</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://www.bleepingcomputer.com/news/security/windows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-germany-doxes-unkn-head-of-ru-ransomware-gangs-revil-gandcrab-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-germany-doxes-unkn-head-of-ru-ransomware-gangs-revil-gandcrab-4/</guid>

					<description><![CDATA[An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimov]]></description>
										<content:encoded><![CDATA[<h2>Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab</h2>
<p><strong>Score pertinence:</strong> 65/100</p>
<p>An elusive hacker who went by the handle « UNKN » and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://krebsonsecurity.com/2026/04/germany-doxes-unkn-head-of-ru-ransomware-gangs-revil-gandcrab/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks-4/</guid>

					<description><![CDATA[Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrat]]></description>
										<content:encoded><![CDATA[<h2>Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices. [&#8230;]</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://www.bleepingcomputer.com/news/security/cisco-warns-of-new-critical-sd-wan-flaw-exploited-in-zero-day-attacks/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-one-missed-threat-per-week-what-25m-alerts-reveal-about-low-severity-risk-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-one-missed-threat-per-week-what-25m-alerts-reveal-about-low-severity-risk-4/</guid>

					<description><![CDATA[The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investi]]></description>
										<content:encoded><![CDATA[<h2>One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk</h2>
<p><strong>Score pertinence:</strong> 72/100</p>
<p>The dark secret of enterprise security operations is that defenders have quietly institutionalized the practice of not looking. This is not just anecdotal, but rather backed by a recent report investigating more than 25 million security alerts, including informational and low-severity, across live enterprise environments. <br />
The dataset behind these findings includes 10 million monitored</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/one-missed-threat-per-week-what-25m.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-threatsday-bulletin-edge-plaintext-passwords-ics-0-days-patch-or-die-alerts-and-25-new-stories-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-threatsday-bulletin-edge-plaintext-passwords-ics-0-days-patch-or-die-alerts-and-25-new-stories-4/</guid>

					<description><![CDATA[Bad week.
Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels]]></description>
										<content:encoded><![CDATA[<h2>ThreatsDay Bulletin: Edge Plaintext Passwords, ICS 0-Days, Patch-or-Die Alerts and 25+ New Stories</h2>
<p><strong>Score pertinence:</strong> 61/100</p>
<p>Bad week.<br />
Turns out the easiest way to get hacked in 2026 is still the same old garbage: shady packages, fake apps, forgotten DNS junk, scam ads, and stolen logins getting dumped into Discord channels like it’s normal. Some of these attack chains don’t even feel sophisticated anymore. More like some tired guy with a Telegram account and too much free time. The worst part is how often this stuff</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/threatsday-bulletin-edge-plaintext.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] OpenAI confirms security breach in TanStack supply chain attack</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-openai-confirms-security-breach-in-tanstack-supply-chain-attack-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-openai-confirms-security-breach-in-tanstack-supply-chain-attack-4/</guid>

					<description><![CDATA[OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for]]></description>
										<content:encoded><![CDATA[<h2>OpenAI confirms security breach in TanStack supply chain attack</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>OpenAI says two employees&rsquo; devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-signing certificates for its applications as a precaution. [&#8230;]</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-pcpjack-credential-stealer-exploits-5-cves-to-spread-worm-like-across-cloud-systems-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-pcpjack-credential-stealer-exploits-5-cves-to-spread-worm-like-across-cloud-systems-4/</guid>

					<description><![CDATA[Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environ]]></description>
										<content:encoded><![CDATA[<h2>PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems</h2>
<p><strong>Score pertinence:</strong> 100/100</p>
<p>Cybersecurity researchers have disclosed details of a new credential theft framework dubbed PCPJack that targets exposed cloud infrastructure and ousts any artifacts linked to TeamPCP from the environments.<br />
« The toolset harvests credentials from cloud, container, developer, productivity, and financial services, then exfiltrates the data through attacker-controlled infrastructure while attempting</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://thehackernews.com/2026/05/pcpjack-credential-stealer-exploits-5.html" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>[Cybersécurité] Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker</title>
		<link>https://cyber.kiminox.net/2026/05/16/cybersecurite-iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker-4/</link>
		
		<dc:creator><![CDATA[Cyber Redaction]]></dc:creator>
		<pubDate>Sat, 16 May 2026 04:34:57 +0000</pubDate>
				<category><![CDATA[Cybersecurity]]></category>
		<guid isPermaLink="false">https://cyber.kiminox.net/2026/05/16/cybersecurite-iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker-4/</guid>

					<description><![CDATA[A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports o]]></description>
										<content:encoded><![CDATA[<h2>Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker</h2>
<p><strong>Score pertinence:</strong> 65/100</p>
<p>A hacktivist group with links to Iran&rsquo;s intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker&rsquo;s largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker&rsquo;s main U.S. headquarters says the company is currently experiencing a building emergency.</p>
<hr>
<p><em><strong>Source:</strong> <a href="https://krebsonsecurity.com/2026/03/iran-backed-hackers-claim-wiper-attack-on-medtech-firm-stryker/" target="_blank" rel="noopener">Flux RSS</a></em></p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
