Actu - 25 janvier 2026 - Parce que... c'est l'épisode 0x699!
Parce que… c’est l’épisode 0x699!
Shameless plug
29 janvier 2026 - The Coming AI Hackers
25 et 26 février 2026 - SéQCure 2026
CfP
31 mars au 2 avril 2026 - Forum INCYBER - Europe 2026
14 au 17 avril 2026 - Botconf 2026
28 et 29 avril 2026 - Cybereco Cyberconférence 2026
9 au 17 mai 2026 - NorthSec 2026
3 au 5 juin 2026 - SSTIC 2026
19 septembre 2026 - Bsides Montréal
Notes
IA
Le ciel nous tombe sur la tête
New Study Shows GPT-5.2 Can Reliably Develop Zero-Day Exploits at Scale
An AI wrote VoidLink, the cloud-targeting Linux malware
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities
AI-powered cyberattack kits are ‘just a matter of time’
Fail
West Midlands copper chief cops it after Copilot copped out
When two years of academic work vanished with a single click
L’humain dans tout ça
Could ChatGPT Convince You to Buy Something?
Why AI Keeps Falling for Prompt Injection Attacks
Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites
What an AI-Written Honeypot Taught Us About Trusting Machines
Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers
apply_chat_template() Is the Safety Switch
Ukraine’s new defence minister vows data-driven overhaul of military
AI Agents ‘Perilous’ for Secure Apps Such as Signal, Whittaker Says
cURL removes bug bounties
Nadella talks AI sovereignty at the World Economic Forum
Wikipedia volunteers spent years cataloging AI tells. Now there’s a plugin to avoid them.
Souveraineté
European Open Digital Ecosystems
What it’s like to be banned from the US for fighting online hate
Europe wants to end its dangerous reliance on US internet technology
Red
A scammer’s blueprint: How cybercriminals plot to rob a target in a week
Shostack + Associates > Threat Advisory: GPS Attacks [SA-26-01]
Risky Chinese Electric Buses Spark Aussie Gov’t Review
Blue
Congressional appropriators move to extend information-sharing law, fund CISA
IPv6 is not insecure because it lacks a NAT
Microsoft Teams External Domain Anomalies Allow Defenders to Detect Attackers at Earliest
Healthy Security Cultures Thrive on Risk Reporting
Privacy
Starmer stares down social media ban barrel in latest U-turn
Europe’s GDPR cops dished out €1.2B in fines last year
Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw
Shostack + Associates > Shostack + Friends Blog > Bitlocker, the FBI, and Risk
TikTok Is Now Collecting Even More Data About Its Users. Here Are the 3 Biggest Changes
Social Analyzer - Le détective du web qui scanne vos profils sociaux (OSINT)
iCloud with Advanced Data Protection doesn’t delete your files
Divers
CISA won’t attend infosec industry’s biggest conference
You Got Phished? Of Course! You’re Human…
Internet Voting is Too Insecure for Use in Elections
Work-from-office mandate? Expect top talent turnover, culture rot
Collaborateurs
Nicolas-Loïc Fortin
Crédits
Montage par Intrasecure inc
Locaux réels par Intrasecure inc
Shameless plug
29 janvier 2026 - The Coming AI Hackers
25 et 26 février 2026 - SéQCure 2026
CfP
31 mars au 2 avril 2026 - Forum INCYBER - Europe 2026
14 au 17 avril 2026 - Botconf 2026
28 et 29 avril 2026 - Cybereco Cyberconférence 2026
9 au 17 mai 2026 - NorthSec 2026
3 au 5 juin 2026 - SSTIC 2026
19 septembre 2026 - Bsides Montréal
Notes
IA
Le ciel nous tombe sur la tête
New Study Shows GPT-5.2 Can Reliably Develop Zero-Day Exploits at Scale
An AI wrote VoidLink, the cloud-targeting Linux malware
AIs are Getting Better at Finding and Exploiting Internet Vulnerabilities
AI-powered cyberattack kits are ‘just a matter of time’
Fail
West Midlands copper chief cops it after Copilot copped out
When two years of academic work vanished with a single click
L’humain dans tout ça
Could ChatGPT Convince You to Buy Something?
Why AI Keeps Falling for Prompt Injection Attacks
Google Gemini Prompt Injection Flaw Exposed Private Calendar Data via Malicious Invites
What an AI-Written Honeypot Taught Us About Trusting Machines
Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers
apply_chat_template() Is the Safety Switch
Ukraine’s new defence minister vows data-driven overhaul of military
AI Agents ‘Perilous’ for Secure Apps Such as Signal, Whittaker Says
cURL removes bug bounties
Nadella talks AI sovereignty at the World Economic Forum
Wikipedia volunteers spent years cataloging AI tells. Now there’s a plugin to avoid them.
Souveraineté
European Open Digital Ecosystems
What it’s like to be banned from the US for fighting online hate
Europe wants to end its dangerous reliance on US internet technology
Red
A scammer’s blueprint: How cybercriminals plot to rob a target in a week
Shostack + Associates > Threat Advisory: GPS Attacks [SA-26-01]
Risky Chinese Electric Buses Spark Aussie Gov’t Review
Blue
Congressional appropriators move to extend information-sharing law, fund CISA
IPv6 is not insecure because it lacks a NAT
Microsoft Teams External Domain Anomalies Allow Defenders to Detect Attackers at Earliest
Healthy Security Cultures Thrive on Risk Reporting
Privacy
Starmer stares down social media ban barrel in latest U-turn
Europe’s GDPR cops dished out €1.2B in fines last year
Microsoft Gave FBI BitLocker Encryption Keys, Exposing Privacy Flaw
Shostack + Associates > Shostack + Friends Blog > Bitlocker, the FBI, and Risk
TikTok Is Now Collecting Even More Data About Its Users. Here Are the 3 Biggest Changes
Social Analyzer - Le détective du web qui scanne vos profils sociaux (OSINT)
iCloud with Advanced Data Protection doesn’t delete your files
Divers
CISA won’t attend infosec industry’s biggest conference
You Got Phished? Of Course! You’re Human…
Internet Voting is Too Insecure for Use in Elections
Work-from-office mandate? Expect top talent turnover, culture rot
Collaborateurs
Nicolas-Loïc Fortin
Crédits
Montage par Intrasecure inc
Locaux réels par Intrasecure inc
