[Cybersécurité] Middle East Cyber Battle Field Broadens — Especially in UAE
As the war with Iran continues, breach attempts targeting the United Arab Emirates tripled in a few weeks — many targeting critical infrastructure.
[Cybersécurité] Instructure Breach Exposes Schools’ Vendor Dependence
ShinyHunters’ attack on Instructure, which owns the widely used Canvas learning management system (LMS), carries big questions about the trust educational institutions put into their vendors.
[Cybersécurité] 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE
Cybersecurity researchers have disclosed multiple security vulnerabilities impacting NGINX Plus and NGINX Open, including a critical flaw that remained undetected for 18 years.
The vulnerability, disc
[Cybersécurité] CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV
[Cybersécurité] AI-Driven Cyberattack on Mexico Couldn’t Breach OT Systems
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
[Cybersécurité] RMM Tools Fuel Stealthy Phishing Campaign
Attackers are abusing two remote monitoring and management (RMM) tools to evade detection in a campaign that has impacted over 80 organizations so far.
[Cybersécurité] Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and thus use them to engage in further malicious activity.
[Cybersécurité] Azerbaijani Energy Firm Hit by Repeated Microsoft Exchange Exploitation
A threat actor with affiliations to China has been linked to a « multi-wave intrusion » targeting an unnamed Azerbaijani oil and gas company between late December 2025 and late February 2026, marking an
[Cybersécurité] ‘Dirty Frag’ Exploit Poised to Blow Up on Enterprise Linux Distros
The privilege escalation vulnerability, which is similar to other Linux flaws like Copy Fail and Dirty Pipe, may already be under limited exploitation.
[Cybersécurité] It’s Patch Tuesday for Microsoft & Not a Zero-Day In Sight
It’s the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones, admins still have plenty of work to do.
![[Cybersécurité] Middle East Cyber Battle Field Broadens — Especially in UAE](https://cyber.kiminox.net/wp-content/uploads/2024/10/cybersecurity_img2-100x100.png)
![[Cybersécurité] 18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE](https://cyber.kiminox.net/wp-content/uploads/2026/05/cyber-4166-1780644867-100x100.png)