Actu - 14 décembre 2025 - Parce que... c'est l'épisode 0x679!
Parce que… c’est l’épisode 0x679!
Shameless plug
25 et 26 février 2026 - SéQCure 2026
CfP
14 au 17 avril 2026 - Botconf 2026
28 et 29 avril 2026 - Cybereco Cyberconférence 2026
9 au 17 mai 2026 - NorthSec 2026
3 au 5 juin 2025 - SSTIC 2026
Notes
IA
Surfer
Block all AI browsers for the foreseeable future: Gartner
Google says Chrome’s AI creates risks only more AI can fix
Se tirer dans le pied
Gemini Enterprise No-Click Flaw Exposes Sensitive Data
Copilot’s No Code AI Agents Liable to Leak Company Data
ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery
Over the top
New OpenAI models likely to pose “high” cybersecurity risk
AI hackers are coming dangerously close to beating humans
New cybersecurity guidance paves the way for AI in critical infrastructure
AI-Powered Free Security-Audit Checklist 2026
3 ans d’audits cybersécu et finalement, c’est une IA qui trouve la faille en 4 jours
New Prompt Injection Attack via Malicious MCP Servers Let Attackers Drain Resources
‘Botnets in physical form’ are top humanoid robot risk
Building Trustworthy AI Agents
Microsoft to Bundle Security Copilot in M365 Enterprise License
Privacy Firewall - Le garde fou de vos IA
Red
Malicious Go Packages Mimic as Google’s UUID Library to Exfiltrate Sensitive Data
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
Researchers spot 700 percent increase in hypervisor attacks
New Mirai Botnet Variant ‘Broadside’ Actively Attacking Users in the Wild
700+ self-hosted Git instances battered in 0-day attacks
10K Docker images spray live cloud creds across the internet
Infoblox Threat Intel: “Canadian online marketplace se…” - Infosec Exchange
Kali Linux 2025.4 released with 3 new tools, desktop updates
Apple fixes two zero-day flaws exploited in ‘sophisticated’ attacks
Blue
Windows PowerShell now warns when running Invoke-WebRequest scripts
Stop Breaking TLS
Daring Fireball: iMessage’s Delivery Architecture Makes It Hard to Block Without Blocking All iOS Push Notifications
Why a secure software development life cycle is critical for manufacturers
Le BISO, maillon opérationnel entre cybersécurité et métiers
Microsoft bounty program now includes any flaw impacting its services
MITRE Releases Top 25 Most Dangerous Software Weaknesses of 2025
Harden Windows Security - Blindez votre Windows sans installer un seul logiciel tiers !
Privacy
ICO: Home Office hushed up facial recognition biases
Hackers Can Leverage Delivery Receipts on WhatsApp and Signal to Extract User Private Information
Identité
The EFF Nails It: What’s Wrong With UK Digital ID
Why Isn’t Online Age Verification Just Like Showing Your ID In Person?
Australia social media ban: Teens navigate new world without social media as ban takes effect
Lawmaker calls facial recognition on doorbell cameras a ‘privacy nightmare’
Effacer son téléphone devant les douaniers peut vous envoyer en prison (logique)
Canada’s privacy regulator to probe billboards equipped with facial scanning tech
Firefox Survey Finds Only 16% Feel In Control of Their Privacy Choices Online
Information warfare
The war on disinformation is a losing battle
UK calls on Europe to counter Russia’s expanding info wars
Germany summons Russian ambassador over cyberattack, election disinformation
Want to sway an election? Here’s how much fake online accounts cost
Divers
Bad OPSEC Considered Harmful
Should You Trust Your VPN Location?
Collaborateurs
Nicolas-Loïc Fortin
Crédits
Montage par Intrasecure inc
Locaux réels par Moxy Montreal Downtown
Shameless plug
25 et 26 février 2026 - SéQCure 2026
CfP
14 au 17 avril 2026 - Botconf 2026
28 et 29 avril 2026 - Cybereco Cyberconférence 2026
9 au 17 mai 2026 - NorthSec 2026
3 au 5 juin 2025 - SSTIC 2026
Notes
IA
Surfer
Block all AI browsers for the foreseeable future: Gartner
Google says Chrome’s AI creates risks only more AI can fix
Se tirer dans le pied
Gemini Enterprise No-Click Flaw Exposes Sensitive Data
Copilot’s No Code AI Agents Liable to Leak Company Data
ClickFix Style Attack Uses Grok, ChatGPT for Malware Delivery
Over the top
New OpenAI models likely to pose “high” cybersecurity risk
AI hackers are coming dangerously close to beating humans
New cybersecurity guidance paves the way for AI in critical infrastructure
AI-Powered Free Security-Audit Checklist 2026
3 ans d’audits cybersécu et finalement, c’est une IA qui trouve la faille en 4 jours
New Prompt Injection Attack via Malicious MCP Servers Let Attackers Drain Resources
‘Botnets in physical form’ are top humanoid robot risk
Building Trustworthy AI Agents
Microsoft to Bundle Security Copilot in M365 Enterprise License
Privacy Firewall - Le garde fou de vos IA
Red
Malicious Go Packages Mimic as Google’s UUID Library to Exfiltrate Sensitive Data
Ransomware gangs turn to Shanya EXE packer to hide EDR killers
Researchers spot 700 percent increase in hypervisor attacks
New Mirai Botnet Variant ‘Broadside’ Actively Attacking Users in the Wild
700+ self-hosted Git instances battered in 0-day attacks
10K Docker images spray live cloud creds across the internet
Infoblox Threat Intel: “Canadian online marketplace se…” - Infosec Exchange
Kali Linux 2025.4 released with 3 new tools, desktop updates
Apple fixes two zero-day flaws exploited in ‘sophisticated’ attacks
Blue
Windows PowerShell now warns when running Invoke-WebRequest scripts
Stop Breaking TLS
Daring Fireball: iMessage’s Delivery Architecture Makes It Hard to Block Without Blocking All iOS Push Notifications
Why a secure software development life cycle is critical for manufacturers
Le BISO, maillon opérationnel entre cybersécurité et métiers
Microsoft bounty program now includes any flaw impacting its services
MITRE Releases Top 25 Most Dangerous Software Weaknesses of 2025
Harden Windows Security - Blindez votre Windows sans installer un seul logiciel tiers !
Privacy
ICO: Home Office hushed up facial recognition biases
Hackers Can Leverage Delivery Receipts on WhatsApp and Signal to Extract User Private Information
Identité
The EFF Nails It: What’s Wrong With UK Digital ID
Why Isn’t Online Age Verification Just Like Showing Your ID In Person?
Australia social media ban: Teens navigate new world without social media as ban takes effect
Lawmaker calls facial recognition on doorbell cameras a ‘privacy nightmare’
Effacer son téléphone devant les douaniers peut vous envoyer en prison (logique)
Canada’s privacy regulator to probe billboards equipped with facial scanning tech
Firefox Survey Finds Only 16% Feel In Control of Their Privacy Choices Online
Information warfare
The war on disinformation is a losing battle
UK calls on Europe to counter Russia’s expanding info wars
Germany summons Russian ambassador over cyberattack, election disinformation
Want to sway an election? Here’s how much fake online accounts cost
Divers
Bad OPSEC Considered Harmful
Should You Trust Your VPN Location?
Collaborateurs
Nicolas-Loïc Fortin
Crédits
Montage par Intrasecure inc
Locaux réels par Moxy Montreal Downtown
