The widely used file compression tool for Windows, WinRAR, has just released version 7.13 to address a severe security vulnerability identified as CVE-2025-8088. This flaw, discovered by ESET security researchers, specifically affects the Windows version of WinRAR, targeting the UNRAR.dll library. The vulnerability allows attackers to craft malicious archive files that, when extracted by a user, trick WinRAR into writing files to a location of the attacker’s choosing instead of […]
Mobil Sherpa+ from MobilWithUs is a one-stop embedded security software becoming popular in the automotive industry. As vehicles evolve into software-defined systems, manufacturers face strict regulatory requirements to integrate robust security features across numerous electronic control units (ECUs). Yet many OEMs and Tier 1/2 suppliers lack deep cybersecurity expertise and struggle with varying hardware and software environments. Mobil Sherpa+ tackles this by bundling diverse security requirements into a single, customizable […]
Microsoft’s Threat Intelligence team has identified a now-fixed security vulnerability in Apple’s macOS Spotlight search tool that could have allowed unauthorized access to sensitive user data. The issue, internally dubbed “Sploitlight”, stemmed from how Spotlight handled plugin files and potentially bypassed Apple’s privacy protection framework known as Transparency, Consent, and Control (TCC).The flaw made it possible for attackers to exploit Spotlight’s plugin system—components that normally help index app content for […]
Formez vous à l’OSINT avec OpenFacto
OpenFacto est une association loi 1901 dont l’objectif est de fédérer et de promouvoir la scène OSINT francophone.
Unseen threats can have serious consequences. In homes, schools or hospitals, small drones can slip past cameras or radar and invade privacy or safety. On factory floors and construction sites, hidden impacts or mechanical faults in vehicles may go unheard until it’s too late, leading to accidents or costly downtime.Traditional systems often leave blind spots: cameras need a clear line of sight, and radar systems struggle to spot small, low-flying […]
A recent cybersecurity warning highlights significant risks associated with AI-powered browser agents, especially for users of Chrome and Microsoft Edge. According to cybersecurity firm SquareX, the widespread adoption of agentic AI—AI tools capable of autonomously performing tasks—may pose an escalating threat to enterprise security.Browser AI agents are now used by approximately 79% of organizations, mainly to boost productivity by automating tasks. However, unlike human users, these agents lack the ability […]
The U.S. House of Representatives has officially banned the use of WhatsApp, the messaging platform owned by Meta Platforms, on all House-issued devices. According to a memo circulated on Monday by the Chief Administrative Officer’s Office of Cybersecurity, WhatsApp has been classified as a “high risk” application due to significant concerns over data protection and transparency.The memo outlines three main reasons for the ban: insufficient transparency regarding WhatsApp’s data protection […]
Connexion
