𝐅𝐥𝐚𝐰𝐬 𝐢𝐧 𝐏𝐨𝐩𝐮𝐥𝐚𝐫 𝐒𝐨𝐟𝐭𝐰𝐚𝐫𝐞 𝐃𝐞𝐯𝐞𝐥𝐨𝐩𝐦𝐞𝐧𝐭 𝐀𝐩𝐩 𝐄𝐱𝐭𝐞𝐧𝐬𝐢𝐨𝐧𝐬 𝐀𝐥𝐥𝐨𝐰 𝐃𝐚𝐭𝐚 𝐄𝐱𝐟𝐢𝐥𝐭𝐫𝐚𝐭𝐢𝐨𝐧 Researchers at OX Security have detected four vulnerabilities in three of the most popular IDEs that could lead to cyber-attacks. 📰 www.infosecurity-magazine.com/news/vulnera...

La Russie a bloqué l’accès à Telegram, WhatsApp et YouTube. Le Kremlin veut pousser l’utilisation de ses propres applications alternatives comme la messagerie instantanée Max et promeut un “internet souverain”... coupecircuit.substack.com/p/spaciba-te...

VulnWatch Monday: CVE-2026-2441 🔓 Google has released a security update to patch a newly discovered zero-day in Chrome. The tech giant also confirmed that it “is aware that an exploit for CVE-2026-2441 exists in the wild.” www.infosecurity-magazine.com/news/google-...

🇺🇬 Des SMS pro-Museveni envoyés aux clients de MTN en plein blackout numérique La nouvelle édition de Courts-circuits (2-8 février 2026), c'est par-ici : coupecircuit.substack.com/p/des-sms-pr...

𝐇𝐚𝐜𝐤𝐢𝐧𝐠 𝐂𝐚𝐦𝐩𝐚𝐢𝐠𝐧 𝐄𝐱𝐩𝐥𝐨𝐢𝐭𝐬 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐖𝐢𝐧𝐝𝐨𝐰𝐬 𝐖𝐢𝐧𝐑𝐀𝐑 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲 A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, researchers at Check Point have said. www.infosecurity-magazine.com/news/hacking...

Comment l’Iran a coupé internet pour près de 90 millions de personnes 🇮🇷 On explore ce qu'il s'est passé, exactement, pour l'internet iranien en janvier. Chiffres, graphiques & chronologie à l'appui 📊 Iran : analyse d’une coupure internet sans précédent 1/3 coupecircuit.substack.com/p/comment-li...

𝐎𝐩𝐞𝐧𝐂𝐥𝐚𝐰 𝐚𝐧𝐝 𝐌𝐨𝐥𝐭𝐛𝐨𝐨𝐤 𝐖𝐞𝐧𝐭 𝐕𝐢𝐫𝐚𝐥 – 𝐒𝐨 𝐃𝐢𝐝 𝐓𝐡𝐞𝐢𝐫 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐒𝐡𝐨𝐫𝐭𝐜𝐨𝐦𝐢𝐧𝐠𝐬 New @6mile.githax.com findings reveal 386 fake crypto trading 'skills' linked to the viral OpenClaw AI assistant tool (aka Moltbot/Clawdbot) can lead users to install infostealers. 📰 www.infosecurity-magazine.com/news/malicio...

𝗖𝘆𝗯𝗲𝗿𝗰𝗿𝗶𝗺𝗲 𝗨𝗻𝗶𝘁 𝗼𝗳 𝗣𝗮𝗿𝗶𝘀 𝗣𝗿𝗼𝘀𝗲𝗰𝘂𝘁𝗼𝗿𝘀 𝗥𝗮𝗶𝗱 𝗘𝗹𝗼𝗻 𝗠𝘂𝘀𝗸’𝘀 𝗫 𝗢𝗳𝗳𝗶𝗰𝗲𝘀 𝗶𝗻 𝗙𝗿𝗮𝗻𝗰𝗲 🇫🇷 The cybercrime unit of the Paris Prosecutor’s Office raided X offices in Paris. Musk and Linda Yaccarino were summoned for voluntary interviews in Paris on April 20. 📰 www.infosecurity-magazine.com/news/paris-p...

Notepad++ compromised in supply chain attack from June to December 2025 by “likely Chinese state-sponsored actor”. notepad-plus-plus.org/news/hijacke...

🔓 𝗩𝘂𝗹𝗻𝗪𝗮𝘁𝗰𝗵 𝗙𝗿𝗶𝗱𝗮𝘆: 𝗖𝗩𝗘-𝟮𝟬𝟮𝟲-𝟭𝟮𝟴𝟭 Ivanti announced emergency patches for two critical vulnerabilities, tracked as CVE-2026-1281 and CVE-2026-1340, in EPMM that have been exploited in the wild as zero-days.

𝗡𝗲𝘄 𝗔𝗜-𝗗𝗲𝘃𝗲𝗹𝗼𝗽𝗲𝗱 𝗠𝗮𝗹𝘄𝗮𝗿𝗲 𝗖𝗮𝗺𝗽𝗮𝗶𝗴𝗻 𝗧𝗮𝗿𝗴𝗲𝘁𝘀 𝗜𝗿𝗮𝗻𝗶𝗮𝗻 𝗣𝗿𝗼𝘁𝗲𝘀𝘁𝘀 🇮🇷 HarfangLab has reported that a new malicious campaign is spreading malware against people in Iran, likely including NGOs and individuals involved in documenting recent human rights abuses. 📰 www.infosecurity-magazine.com/news/ai-malw...

𝗡𝗘𝗪 - 𝗙𝗿𝗮𝗻𝗰𝗲 𝗙𝗶𝗻𝗲𝘀 𝗡𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗘𝗺𝗽𝗹𝗼𝘆𝗺𝗲𝗻𝘁 𝗔𝗴𝗲𝗻𝗰𝘆 𝗮 €𝟱𝗺 𝗢𝘃𝗲𝗿 𝟮𝟬𝟮𝟰 𝗗𝗮𝘁𝗮 𝗕𝗿𝗲𝗮𝗰𝗵 France Travail has received a €5m fine from France's data protection regulator for security failures that led to the compromise of an estimated 43 million jobseekers. 📰 www.infosecurity-magazine.com/news/france-...

𝗡𝗘𝗪 - 𝗙𝗕𝗜 𝗧𝗮𝗸𝗲𝘀 𝗗𝗼𝘄𝗻 𝗥𝗔𝗠𝗣 𝗥𝗮𝗻𝘀𝗼𝗺𝘄𝗮𝗿𝗲 𝗙𝗼𝗿𝘂𝗺 RAMP's clear and dark web sites are down and have been replaced by an FBI banner. @sophossecurity.bsky.social @curatedintel.bsky.social @ransomware.live @ransomlook.bsky.social 📰 www.infosecurity-magazine.com/news/fbi-tak...

Des signes montrent un fragile retour d'une certaine forme de connectivté depuis l'Iran 🇮🇷 Mais la réalité pourrait être plus complexe... 📰 coupecircuit.substack.com/p/retour-de-...

🔓 𝐕𝐮𝐥𝐧𝐖𝐚𝐭𝐜𝐡 𝐌𝐨𝐧𝐝𝐚𝐲: 𝐂𝐕𝐄-2024-37079 CISA added a critical vulnerability affecting VMware vCenter Server to its known exploited vulnerabilities (KEV) list despite the flaw being patched in June 2024.

🔓 𝗩𝘂𝗹𝗻𝗪𝗮𝘁𝗰𝗵 𝗙𝗿𝗶𝗱𝗮𝘆: 𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟯𝟰𝟬𝟮𝟲 An authentication bypass in the Versa Networks Concerto SD-WAN orchestration platform that could allow an attacker to access administrative endpoints has been added to CISA's KEV catalog, confirming of active exploitation in the wild.

🔓 VulnWatch Monday: CVE-2026-0629 TP-Link has released fixes for a major security vulnerability affecting 32 of its VIGI C and VIGI InSight professional surveillance cameras, which could allow attackers to seize full control of vulnerable devices.

🔎 VulnWatch Friday: CVE-2025-53690 🔓 China-linked hacking group UAT-8837 is exploiting CVE-2025-53690 (Sitecore vulnerability) to breach North American critical infrastructure, deploying the WeepSteel backdoor, according to @talosintelligence.com.

Ouganda : l'internet coupé deux jours avant le scrutin Le gouvernement avait pourtant promis de maintenir l’accès à internet avant l'élection présidentielle... coupe-circuit.ghost.io/ouganda-coup...

Cette information a (malheureusement) été confirmée par Netblocks et @radar.cloudflare.com... bsky.app/profile/rada...

🚨 URGENT 🇺🇬 Possible suspension de l'internet en Ouganda à venir Une source vient de me partager un document en provenance de la Uganda Communications Commission, prévoyant une suspension de l’accès à internet dans le pays à 18 heures ce 13 janvier. A croiser avec d'autres sources.

🇮🇷 L'Iran vit la plus grande coupure internet de son histoire Pour comprendre ce qu'il se passe dans le pays, c'est par ici : coupecircuit.substack.com/p/liran-vit-...

👀 VulnWatch Monday: CVE-2026-21858 🔓 aka "Ni8mare" A security researcher reported a critical vulnerability in popular AI workflow automation platform n8n that could enable adversaries to compromise enterprise secrets. 📰 www.infosecurity-magazine.com/news/maximum...

Du Rajasthan, à l'ouest, à l'Assam, à l'est, les Etats indiens ont le même réfflexe en cas de problèmes d'ordre public : couper les vannes de l'internet. open.substack.com/pub/coupecir...

Pourquoi Taïwan bloque RedNote (mais pas TikTok) Cette semaine, dans Coupe-circuit: open.substack.com/pub/coupecir...

GreatFire balance tout ! Après des mois à tenter de protéger Vultr, @greatfire.org a révélé le rôle central de l’entreprise américaine dans la censure que le géant chinois Tencent essaie de lui imposer en demandant la suppression de son site FreeWeChat. open.substack.com/pub/coupecir...

𝗣𝗢𝗗𝗖𝗔𝗦𝗧 🎧 𝗛𝗼𝘄 𝟮𝟬𝟮𝟱 𝗦𝗵𝗮𝗽𝗲𝗱 𝘁𝗵𝗲 𝗙𝘂𝘁𝘂𝗿𝗲 𝗼𝗳 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 We sat down with Rebecca Taylor from Sophos and @bushidotoken.net from @teamcymrus2.bsky.social to discuss 2025’s highs and lows in cyber and make educated guesses on what to look for in 2026. feeds.soundcloud.com/users/soundc...

Uganda’s authorities are mulling imposing strict controls on internet use, including the possible blocking of major social media networks ahead of the general elections scheduled for mid-January 2026. Platforms affected include TikTok, YouTube, Facebook, Instagram and X.

𝗡𝗘𝗪 - 𝗨𝗞'𝘀 𝗖𝘆𝗯𝗲𝗿 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗳𝗼𝗿 𝗧𝗲𝗹𝗰𝗼𝘀 𝗕𝗹𝗼𝗰𝗸𝘀 𝟭 𝗕𝗶𝗹𝗹𝗶𝗼𝗻 𝗠𝗮𝗹𝗶𝗰𝗶𝗼𝘂𝘀 𝗦𝗶𝘁𝗲 𝗔𝘁𝘁𝗲𝗺𝗽𝘁𝘀 Almost one billion early-stage cyber-attacks have been prevented in the past year in the UK thanks to Share and Defend, a service run by @ncsc.gov.uk. www.infosecurity-magazine.com/news/uk-cybe...

𝗡𝗘𝗪 - 𝗨𝗞 𝗥𝗮𝗻𝘀𝗼𝗺𝘄𝗮𝗿𝗲 𝗣𝗮𝘆𝗺𝗲𝗻𝘁 𝗕𝗮𝗻 𝘁𝗼 𝗖𝗼𝗺𝗲 𝘄𝗶𝘁𝗵 𝗘𝘅𝗲𝗺𝗽𝘁𝗶𝗼𝗻𝘀 Speaking at the @financialtimes.com's Cyber Resilience Summit: Europe today, British Security Minister Dan Jarvis said the ban on ransomware payments will include "national security exemptions." www.infosecurity-magazine.com/news/uk-rans...

👀 VulnWatch Monday: CVE-2025-35028 🔓 A critical vulnerability was found by the Austin Hackers Association in HexStrike AI MCP server. takeonme.org/cves/cve-202...

🔎 VulnWatch Friday: CVE-2025-66022 🔓 A critical vulnerability was discovered in Faction, a pentesting report generation framework developed by Faction Security. 🔧 This issue has been patched in version 1.7.1. 🔎 nvd.nist.gov/vuln/detail/...

𝗡𝗘𝗪 - 𝗙𝗿𝗲𝗻𝗰𝗵 𝗙𝗼𝗼𝘁𝗯𝗮𝗹𝗹 𝗙𝗲𝗱𝗲𝗿𝗮𝘁𝗶𝗼𝗻 𝗦𝘂𝗳𝗳𝗲𝗿𝘀 𝗗𝗮𝘁𝗮 𝗕𝗿𝗲𝗮𝗰𝗵 🇫🇷 The FFF detected unauthorized access to the software platform used by all licensed football clubs in France to manage administrative tasks, incl. registering their players with the federation. 📰 www.infosecurity-magazine.com/news/french-...

🇬🇧 Cyber Security & Resilience Bill: Key Changes Revealed Shona Lester, Head of CSR Bill Team, just shared the bill's key provisions. Here’s what’s coming: ☑️ Expanded Regulatory Scope ☑️ Enhanced Incident Reporting ☑️ Strengthened Regulatory Powers 📰 www.infosecurity-magazine.com/news/key-pro...

Pour les plus friands de détails techniques mais pas forcément anglophones, j’ai aussi concocté un tableau résumant les résultats de l’analyse des chercheurs, à découvrir ici : datawrapper.dwcdn.net/Ea0qo/13/

Votre VPN est-il vulnérable à la censure numérique ? Des chercheurs de l’IIIT Delhi, en Inde, se sont demandé dans quelle mesure un gouvernement pourrait détecter du trafic VPN et ainsi (potentiellement) le bloquer. On vous explique ce qu'ils ont trouvé ⬇️ coupecircuit.substack.com/p/vpn-voici-...

🚨 𝐎𝐩. 𝐄𝐧𝐝𝐠𝐚𝐦𝐞 3.0 𝐃𝐢𝐬𝐦𝐚𝐧𝐭𝐥𝐞𝐬 𝐑𝐡𝐚𝐝𝐚𝐦𝐚𝐧𝐭𝐡𝐲𝐬, 𝐕𝐞𝐧𝐨𝐦𝐑𝐀𝐓 𝐚𝐧𝐝 𝐄𝐥𝐲𝐬𝐢𝐮𝐦 The third "season" of Operation Endgame resulted in: 🗄️ Over 1025 servers taken down or disrupted 🌐 20 domains seized 🚪 11 locations searched 👮 One arrest 📰 www.infosecurity-magazine.com/news/operati...

𝐏𝐎𝐃𝐂𝐀𝐒𝐓 - 𝐇𝐨𝐰 𝐏𝐫𝐢𝐯𝐚𝐭𝐞 𝐑𝐞𝐬𝐞𝐚𝐫𝐜𝐡𝐞𝐫𝐬 𝐀𝐫𝐞 𝐓𝐚𝐤𝐢𝐧𝐠 𝐃𝐨𝐰𝐧 𝐑𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬 I sat down with Matthew Maynard, a cybersecurity pro by day and a cyber ghost-buster by night, who doesn’t just hunt vulnerabilities, but haunts the hackers themselves. 🎧 Listen here: feeds.soundcloud.com/users/soundc...

𝘗𝘦𝘳𝘴𝘰𝘯𝘢𝘭 𝘰𝘱𝘪𝘯𝘪𝘰𝘯: 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐑𝐞𝐩𝐨𝐫𝐭𝐢𝐧𝐠 𝐒𝐡𝐨𝐮𝐥𝐝𝐧’𝐭 𝐉𝐮𝐦𝐩 𝐭𝐨 𝐆𝐞𝐨𝐩𝐨𝐥𝐢𝐭𝐢𝐜𝐚𝐥 𝐂𝐨𝐧𝐜𝐥𝐮𝐬𝐢𝐨𝐧𝐬 (𝐄𝐬𝐩𝐞𝐜𝐢𝐚𝐥𝐥𝐲 𝐖𝐢𝐭𝐡𝐨𝐮𝐭 𝐄𝐯𝐢𝐝𝐞𝐧𝐜𝐞) The latest cyberattack on airports is a serious incident that warrants thorough investigation. (1/5) www.infosecurity-magazine.com/news/airport...

EXCLUSIVE - Why Three Vendors Pulled Out of ‘Cybersecurity Olympics’ Microsoft, SentinelOne and Palo Alto Networks have decided not to take part in the 2025 edition of MITRE’s EDR test. I spoke with MITRE CTO to understand what motivated these moves. www.infosecurity-magazine.com/news/cyber-v...

Hackers calling themselves SafePay. carried out a ransomware attack on the five-star K Club resort in Co Kildare as it prepared to host some of the world’s top golfers at the Irish Open this past weekend. www.thetimes.com/world/irelan...

Cybersecurity firm Netskope eyes up to $6.5 billion valuation in US IPO www.reuters.com/business/cyb...

Hackers are using security reports to translate technical problems into “partial malicious code” as part of the “vibe coding” trend. www.trendmicro.com/vinfo/us/sec...

𝐂𝐈𝐒𝐀 2015 𝐒𝐚𝐟𝐞 𝐇𝐚𝐫𝐛𝐨𝐫 𝐚𝐭 𝐑𝐢𝐬𝐤 𝐚𝐬 𝐒𝐞𝐩𝐭𝐞𝐦𝐛𝐞𝐫 30 𝐃𝐞𝐚𝐝𝐥𝐢𝐧𝐞 𝐍𝐞𝐚𝐫𝐬 ⌛As the expiration date for the Cybersecurity Information Sharing Act of 2015 looms in the US, I spoke to experts about the provisions the Act offers and the debates surrounding the renewal and the consequences of non-renewal.

𝐕𝐨𝐭𝐫𝐞 𝐕𝐏𝐍 𝐞𝐬𝐭-𝐢𝐥 𝐮𝐧 𝐜𝐡𝐞𝐯𝐚𝐥 𝐝𝐞 𝐓𝐫𝐨𝐢𝐞 𝐜𝐡𝐢𝐧𝐨𝐢𝐬 ? 🇨🇳 D’après 3 études, des dizaines d’applis VPN (Google Play Store/Apple App Store) sont liées entre elles… et certaines appartiennent à Qihoo 360, proche de l’armée chinoise. 🔗 Nouvelle édition de Coupe-Circuit : open.substack.com/pub/coupecir...

🔎 VulnWatch Friday: CVE-2025-57819 🔓 The Sangoma FreePBX Security Team has warned of a vulnerability being exploited in the wild. FreePBX is an open-source graphical user interface (GUI) for managing Asterisk, the popular open-source Private Branch Exchange (PBX) and telephony platform.

🧐 VulnWatch Wednesday: CVE-2025-7775 🔓 Citrix has released patches for three critical zero days in NetScaler ADC and Gateway, one of which was already being exploited by attackers. According to Kevin Beaumont, exploit campaigns 🎯CVE-2025-7775 began before the patches were made available.

🧐 VulnWatch Wednesday: CVE-2025-31324 🔓 A critical vulnerability in SAP NetWeaver is now being widely exploited following the release of public exploit tooling. 🆕 The public availability of the full source code makes the exploit easy to use even for attackers with little technical expertise.

𝐋𝐞𝐠𝐢𝐭𝐢𝐦𝐚𝐭𝐞 𝐂𝐡𝐫𝐨𝐦𝐞 𝐕𝐏𝐍 𝐄𝐱𝐭𝐞𝐧𝐬𝐢𝐨𝐧 𝐓𝐮𝐫𝐧𝐬 𝐭𝐨 𝐁𝐫𝐨𝐰𝐬𝐞𝐫 𝐒𝐩𝐲𝐰𝐚𝐫𝐞 FreeVPN.One, a popular Google-featured browser VPN extension, recently turned malicious and is now spying on users’ every move online. A good read from Koi Security on 𝑰𝒏𝒕𝒆𝒓𝒏𝒂𝒕𝒊𝒐𝒏𝒂𝒍 𝑽𝑷𝑵 𝑫𝒂𝒚 www.infosecurity-magazine.com/news/chrome-...

👀 VulnWatch Monday: CVE-2025-25256 🔓 WatchTowr Labs has published a technical analysis of CVE-2025-25256, a critical pre-auth command injection vulnerability in Fortinet's FortiSIEM, as well as a detection artifact generator. 🔧 Fix? Yes (see Fortinet's security advisory)