Here is the selection of the most critical cybersecurity vulnerabilities discovered over the past week.
Below you will find direct links to the most interesting articles. For the record, this roundup is prepared with a real, non-artificial brain, so enjoy the read and thank you for supporting Le Décodeur!
This week's selected news
We’ve said it before; we’ll say it again: Don’t put credentials in publicly available code.
The contactless payment system for New York City’s subways has a security hole.
An unknown number of LogicMonitor’s customers have been hacked due to the fact that the company set weak default passwords.
Information was exposed on hundreds of crypto-related bankruptcy claimants in proceedings involving FTX, Genesis, and BlockFI.
SQL injection and its ilk will stop being “a thing” only after organizations focus on security by construction.
Several Buffer Overflow vulnerabilities have been discovered in Notepad++ that can be exploited by threat actors for malicious purposes.
Cybersecurity analysts at Trend Micro, Europol, and UNICRI jointly studied criminal AI exploitation, releasing the “Malicious Uses and Abuses of Artificial Intelligence”.
Unpatched Citrix systems under attack! Unknown threat actors are exploiting a critical vulnerability (CVE-2023-3519) for ransomware attacks.
New research uncovers how hackers could cleverly bypass endpoint security by exploiting Windows Container Isolation.
IT specialists say radio attacks point to long-standing weaknesses in rail network’s security.
Artificial intelligence tools have given scammers a potent weapon for trying to trick people into sending them money.