Actu - 30 novembre 2025 - Parce que... c'est l'épisode 0x671!
Parce que… c’est l’épisode 0x671!
Shameless plug
25 et 26 février 2026 - SéQCure 2026
CfP
27 février 2026 - Blackout
14 au 17 avril 2026 - Botconf 2026
28 et 29 avril 2026 - Cybereco Cyberconférence 2026
9 au 17 mai 2026 - NorthSec 2026
3 au 5 juin 2026 - SSTIC 2026
juin 2026 - leHACK
Notes
IA
Vibe coding: What is it good for? Absolutely nothing
The slow rise of SBOMs meets the rapid advance of AI
Malveillant
How Malware Authors Incorporate LLMs to Evade Detection
KawaiiGPT - Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models
LLMs Tools Like GPT-3.5-Turbo and GPT-4 Fuels the Development of Fully Autonomous Malware
Amazon Is Using Specialized AI Agents for Deep Bug Hunting
OpenAI dumps Mixpanel after analytics breach hits API users
Gibberifier
Souveraineté
Europe Is Bending the Knee to the US on Tech Policy
NATO taps Google for air-gapped sovereign cloud
Canadian data order risks blowing a hole in EU sovereignty
Underwater Cables That Carry the Internet Are in Trouble
Social media giants liable for financial scams under new EU law
Switzerland: Data Protection Officers Recommend Broad Cloud Ban for Authorities
Pluralistic: (Digital) Elbows Up (28 Nov 2025) – Pluralistic: Daily links from Cory Doctorow
Red
Threats Actors Leverage Python-based Malware to Inject Process into a Legitimate Windows Binary
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
ClickFix
Hackers Tricks macOS Users to Execute Command in Terminal to Deliver FlexibleFerret Malware
Beware of Weaponized Google Meet page that uses ClickFix to deliver Malicious Payload
ClickFix attack uses fake Windows Update screen to push malware
Malicious Blender model files deliver StealC infostealing malware
HashiCorp Vault Vulnerability Allow Attackers to Authenticate to Vault Without Valid Credentials
Cheap Device Bypasses AMD, Intel Memory Encryption
Advanced Security Isn’t Stopping Old Phishing Tactics
Des outils de formatage de code ont exposé des milliers de mots de passe
Over 390 Abandoned iCalendar Sync Domains Could Expose ~4 Million Devices to Security Risks
Public GitLab repositories exposed more than 17,000 secrets
Blue
Leonardo unveils ‘Michelangelo Dome’ AI-powered shield system
Ex-CISA officials, CISOs aim to stop the spread of hacklore
Mobile phones : Threat landscape since 2015
Air Force practices operating from cut-off bases in fierce future war
Airbus: We were hours from pausing production in Spain
Microsoft to secure Entra ID sign-ins from script injection attacks
Privacy
Mind-reading devices can now predict preconscious thoughts: is it time to worry?
One Tech Tip: Modern cars are spying on you. Here’s what you can do about it
Proton Meet: Secure, end-to-end encrypted video conferencing
Chat Control - 3 ans de débats pour accoucher d’un truc qui ne sert à rien
GrapheneOS: “We no longer have any active s…” - GrapheneOS Mastodon
GrapheneOS bails on OVHcloud over France’s privacy stance
European Parliament for mandatory age verification for social media
Collaborateurs
Nicolas-Loïc Fortin
Crédits
Montage par Intrasecure inc
Locaux réels par Intrasecure inc
Shameless plug
25 et 26 février 2026 - SéQCure 2026
CfP
27 février 2026 - Blackout
14 au 17 avril 2026 - Botconf 2026
28 et 29 avril 2026 - Cybereco Cyberconférence 2026
9 au 17 mai 2026 - NorthSec 2026
3 au 5 juin 2026 - SSTIC 2026
juin 2026 - leHACK
Notes
IA
Vibe coding: What is it good for? Absolutely nothing
The slow rise of SBOMs meets the rapid advance of AI
Malveillant
How Malware Authors Incorporate LLMs to Evade Detection
KawaiiGPT - Free WormGPT Variant Leveraging DeepSeek, Gemini, and Kimi-K2 AI Models
LLMs Tools Like GPT-3.5-Turbo and GPT-4 Fuels the Development of Fully Autonomous Malware
Amazon Is Using Specialized AI Agents for Deep Bug Hunting
OpenAI dumps Mixpanel after analytics breach hits API users
Gibberifier
Souveraineté
Europe Is Bending the Knee to the US on Tech Policy
NATO taps Google for air-gapped sovereign cloud
Canadian data order risks blowing a hole in EU sovereignty
Underwater Cables That Carry the Internet Are in Trouble
Social media giants liable for financial scams under new EU law
Switzerland: Data Protection Officers Recommend Broad Cloud Ban for Authorities
Pluralistic: (Digital) Elbows Up (28 Nov 2025) – Pluralistic: Daily links from Cory Doctorow
Red
Threats Actors Leverage Python-based Malware to Inject Process into a Legitimate Windows Binary
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions
ClickFix
Hackers Tricks macOS Users to Execute Command in Terminal to Deliver FlexibleFerret Malware
Beware of Weaponized Google Meet page that uses ClickFix to deliver Malicious Payload
ClickFix attack uses fake Windows Update screen to push malware
Malicious Blender model files deliver StealC infostealing malware
HashiCorp Vault Vulnerability Allow Attackers to Authenticate to Vault Without Valid Credentials
Cheap Device Bypasses AMD, Intel Memory Encryption
Advanced Security Isn’t Stopping Old Phishing Tactics
Des outils de formatage de code ont exposé des milliers de mots de passe
Over 390 Abandoned iCalendar Sync Domains Could Expose ~4 Million Devices to Security Risks
Public GitLab repositories exposed more than 17,000 secrets
Blue
Leonardo unveils ‘Michelangelo Dome’ AI-powered shield system
Ex-CISA officials, CISOs aim to stop the spread of hacklore
Mobile phones : Threat landscape since 2015
Air Force practices operating from cut-off bases in fierce future war
Airbus: We were hours from pausing production in Spain
Microsoft to secure Entra ID sign-ins from script injection attacks
Privacy
Mind-reading devices can now predict preconscious thoughts: is it time to worry?
One Tech Tip: Modern cars are spying on you. Here’s what you can do about it
Proton Meet: Secure, end-to-end encrypted video conferencing
Chat Control - 3 ans de débats pour accoucher d’un truc qui ne sert à rien
GrapheneOS: “We no longer have any active s…” - GrapheneOS Mastodon
GrapheneOS bails on OVHcloud over France’s privacy stance
European Parliament for mandatory age verification for social media
Collaborateurs
Nicolas-Loïc Fortin
Crédits
Montage par Intrasecure inc
Locaux réels par Intrasecure inc
