[Cybersécurité] Canvas Breach Disrupts Schools & Colleges Nationwide
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, af
[Cybersécurité] Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access
Ivanti is warning that a new security flaw impacting Endpoint Manager Mobile (EPMM) has been explored in limited attacks in the wild.
The high-severity vulnerability, CVE-2026-6973 (CVSS score: 7.2),
[Cybersécurité] One Click, Total Shutdown: The « Patient Zero » Webinar on Killing Stealth Breaches
The hardest part of cybersecurity isn’t the technology, it’s the people.
Every major breach you’ve read about lately usually starts the same way: one employee, one clever email, and one « Patient Zero »
[Cybersécurité] Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions
Details have emerged about a new, unpatched local privilege escalation (LPE) vulnerability impacting the Linux kernel.
Dubbed Dirty Frag, it has been described as a successor to Copy Fail (CVE-2026-31
[Cybersécurité] PAN-OS RCE Exploit Under Active Use Enabling Root Access and Espionage
Palo Alto Networks has disclosed that threat actors may have attempted to unsuccessfully exploit a recently disclosed critical security flaw as early as April 9, 2026.
The vulnerability in question is
[Cybersécurité] Popular node-ipc npm package compromised to steal credentials
Hackers have injected credential-stealing malware into newly published versions of node-ipc, a popular inter-process communication package, in a new supply chain attack targeting npm. […]
[Cybersécurité] Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike
The Belarus-aligned threat group known as Ghostwriter has been attributed to a fresh set of attacks targeting governmental organizations in Ukraine.
Active since at least 2016, Ghostwriter has been li
[Cybersécurité] Patch Tuesday, May 2026 Edition
Artificial intelligence platforms may be just as susceptible to social engineering as human beings, but they are proving remarkably good at finding security vulnerabilities in human-made computer code
[Cybersécurité] cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor
A threat actor named Mr_Rot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments.
The attack ex
[Cybersécurité] On-Prem Microsoft Exchange Server CVE-2026-42897 Exploited via Crafted Email
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.
The vulnerability, tracked as CVE-202
![[Cybersécurité] Canvas Breach Disrupts Schools & Colleges Nationwide](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4198-1781519183-100x100.png)
![[Cybersécurité] Ivanti EPMM CVE-2026-6973 RCE Under Active Exploitation Grants Admin-Level Access](https://cyber.kiminox.net/wp-content/uploads/2024/10/cybersecurity_img2-100x100.png)
![[Cybersécurité] Popular node-ipc npm package compromised to steal credentials](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4193-1781507736-100x100.png)