Voici la sélection des vulnérabilités de cybersécurité le plus critiques découvertes durant ce dernier tour de veille hebdomadaire.
Bonne lecture et merci pour le café car cette veille est produite avec un vrai cerveau non artificiel 😉
LastPass users furious after being locked out due to MFA resets
LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator apps.
Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites
Attention online retailers! A critical security flaw in the « Abandoned Cart Lite for WooCommerce » plugin puts over 30,000 websites at risk.
Schneider Power Meter Vulnerability Opens Door to Power Outages
A severe security vulnerability allows credentials for the power meters to continuously transmit in cleartext, allowing device takeover.
Millions of GitHub repositories vulnerable to RepoJacking: Report
AquaSec analyzed a sample of 1% of GitHub repositories and found that about 37,000 of them are vulnerable to RepoJacking, including the repositories of companies such as Google and Lyft.
These are the most hacked passwords. Is yours on the list?
Based on more than 6 million breached passwords, there are certain subjects and patterns you should avoid in your own passwords, says payment firm Dojo.
ASUS warns router customers: Patch now, or block all inbound requests
« Do as we say, not as we do! » – The patches took ages to come out, but don’t let that lure you into taking ages to install them.
Apple patch fixes zero-day kernel hole reported by Kaspersky – update now!
Apple didn’t use the words « Triangulation Trojan », but you probably will.