[Cybersécurité] [Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud
TL;DR: Stop chasing thousands of « toast » alerts. Join experts from Wiz to learn how hackers connect tiny flaws to build a « Lethal Chain » to your data—and how to break it. Register for the Strategic Br
[Cybersécurité] New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution.
Exim is an open-source Mail Tra
[Cybersécurité] Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
A threat actor with affiliations to China has been linked to a « multi-wave intrusion » targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an
[Cybersécurité] Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine.
Active since at least 2016, Ghostwriter has been li
[Cybersécurité] Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Cybersecurity researchers are sounding the alarm about what has been described as « malicious activity » in newly published versions of node-ipc.
According to Socket and StepSecurity, three different ve
[Cybersécurité] CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV
[Cybersécurité] TeamPCP Hits SAP Packages With ‘Mini Shai-Hulud’ Attack
Several npm packages for SAP’s cloud application development ecosystem have been compromised as TeamPCP’s supply chain attacks broaden.
[Cybersécurité] RMM Tools Fuel Stealthy Phishing Campaign
Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.
[Cybersécurité] Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability
Shortly after the authentication-bypass flaw was disclosed multiple proof-of-concept exploits appeared, and one researcher claims there’s been zero-day activity for at least a month.
[Cybersécurité] Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in further malicious activity.
![[Cybersécurité] [Webinar] How Modern Attack Paths Cross Code, Pipelines, and Cloud](https://cyber.kiminox.net/wp-content/uploads/2024/10/cybersecurity_img2-100x100.png)