Tour d’horizon cyber de la semaine : lookup, fuite de données, Telegram, McDonald’s France, VPN saisi, fausses promotions, fraudes publicitaires, menaces Linux, IA et accès initial en 2026.

Un suspect interpellé après un trafic de données lié à Telegram, crypto-actifs et 79 millions d’entrées.

Un nouveau rebondissement dans l’une des plus mystérieuses affaires criminelles françaises ?

Telegram : un audit confirme un risque de suivi passif via une clé d'authentification, malgré les démentis de l’entreprise.

McDonald’s France touché par des fraudes McDo+ : les cartes fidélité deviennent une cible cyber rentable à la suite d'une fuite de données.

First VPN démantelé : 33 serveurs saisis, plus de 5000 comptes liés à des enquêtes cyber. L'admin gardait les infos des clients !

Fraudes publicitaires : Meta, TikTok et Google visés par Que Choisir, le BEUC et l’Arcom au nom du DSA

Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten servers they shoul…

Dutch authorities arrested two suspects and seized 800 servers tied to Stark Industries, a hosting firm linked to cyberattacks and disinformation. Dutch financial crime investigators arrested two men and seized 800 servers connected to Stark Industries, a hos…

AI flaw-finder still under lock and key for now while company figures out guardrails, but made available to more users including governments

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2026…

Ransomware gangs are shifting from encryption to pure extortion, focusing on stolen data, reputational pressure, and stealthier attacks. Ransomware groups are quietly changing strategy in 2026. Instead of encrypting systems and causing immediate disruption, m…

Anthropic on Friday disclosed that Project Glasswing has helped uncover more than 10,000 high- or critical-severity vulnerabilities across some of the most "systemically" important software across the world since the cybersecurity initiative went live last mo…

Amazon is selling the 2026 Hisense Hi-QLED S7 Canvas TV for 43% off during Memorial Day weekend.

Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwriter (also tracked as UAC-0057 and UNC1151) has resurfaced with a new phishing campaign targeting Ukraini…

Will Jason Statham save us?

The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151Ukraine's National Security and Defense Council) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to target government organizations in th…

Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. [...]

Cybersecurity researchers have disclosed details of a new automated campaign called Megalodon that has pushed 5,718 malicious commits to 5,561 GitHub repositories within a six-hour window. "Using throwaway accounts and forged author identities (build-bot, au…

1 Introduction This article provides a technical analysis of how many Windows kernel mode drivers can be interacted with from user mode without the hardware they were developed for. This work was motivated by driver-oriented vulnerability research and the ne…

'Budgets are moral documents,' Rep. Delia Ramirez said

Lee Ultimate Hacker Cybersecurity Support Focused on Protection and Reliability - posted in Windows 10 Discussion: Leeultimatehacker @ a o l . c o m)   whatspp +1  ( 7 1 5 )  3 1  4  -  9 2 4 8 Lee Ultimate Hacker is a professional cybersecurity platform spec…

A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]

Europol has seized First VPN, a service used by ransomware gangs, arrested its administrator and gained access to data linked to thousands of users.

Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything or violated a policy. Yet that single k…

On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]