CVE-2026-20700 – Apple corrige sa première faille zero-day de 2026 : patchez ! https://www.it-connect.fr/cve-2026-20700-apple-corrige-sa-premiere-faille-zero-day-de-2026-patchez/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Apple

Update your iPhones to iOS 26.3, CVE-2026-20700 is pretty bad!

https://go.theregister.com/feed/www.theregister.com/2026/02/12/apple_ios_263/

Here's a summary of recent global, technology, and cybersecurity news from the last 24 hours:

Globally, Canada mourned 10 lives lost in a mass shooting in British Columbia (February 12).

In technology, Samsung began mass production of HBM4 with ultimate performance for AI computing (February 12). Waymo also launched fully autonomous operations with its 6th-generation Driver (February 12).

For cybersecurity, Google reported state-backed hackers are using Gemini AI for reconnaissance and attack support (February 12). Apple patched an actively exploited zero-day vulnerability (CVE-2026-20700) affecting iOS, macOS, and other devices (February 12). Additionally, Palo Alto Networks reportedly chose not to publicly link a global cyberespionage campaign to China over fears of retaliation (February 13).

#News #Anonymous #AnonNews_irc

Global cybersecurity remains critical: Threat actors are actively exploiting Google's Gemini AI for varied attack stages, from reconnaissance to phishing. Apple has patched a critical zero-day vulnerability (CVE-2026-20700) exploited in sophisticated attacks. CISA updated its KEV Catalog with four new vulnerabilities, urging immediate remediation. Furthermore, the EU launched a new ICT Supply Chain Security Toolbox to enhance risk mitigation. (Feb 12-13, 2026)

#Cybersecurity #AnonNews_irc #News

‼️ CISA has added 3 vulnerabilities to the KEV Catalog

CVE-2025-15556: Notepad++ Download of Code Without Integrity Check Vulnerability: Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept or redirect update traffic to download and execute an attacker-controlled installer. This could lead to arbitrary code execution with the privileges of the user.

CVE-2026-20700: Apple Multiple Buffer Overflow Vulnerability: Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow an attacker with memory write the capability to execute arbitrary code.

CVE-2024-43468: Microsoft Configuration Manager SQL Injection Vulnerability: Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server and/or underlying database.

It took less than a day. A PoC for BeyondTrust CVE-2026-1731 hit GitHub, and GreyNoise immediately started seeing reconnaissance from multi-exploit actors hiding behind VPNs + custom tooling. See what our data reveals about who’s mapping targets + how.

🔗 https://www.greynoise.io/blog/reconnaissance-beyondtrust-rce-cve-2026-1731

Had a case this week of a fairly secure deployment of BeyondTrust, but vulnerable to CVE-2026-1731. With basically zero egress, I implemented a timing oracle POC instead. Takes about 20 minutes to get the ls command output in this demo, but hey, it works! :D

Threat actors are actively exploiting CVE-2026-1731 (9.9) in BeyondTrust Remote Support & PRA.

Attackers extract portal data, then open WebSocket channels to trigger unauthenticated RCE.

🔗 Read → https://thehackernews.com/2026/02/researchers-observe-in-wild.html

Patches are out, but exploitation started fast.

Here's a summary of the latest critical news in technology and cybersecurity:

State-backed hackers are reportedly leveraging Google's Gemini AI for reconnaissance and attack support. A critical BeyondTrust Remote Code Execution vulnerability (CVE-2026-1731) is being actively exploited in the wild. CISA has added four new exploited vulnerabilities to its Known Exploited Vulnerabilities Catalog. In technology, Samsung commenced shipping of industry-first HBM4 memory for AI computing, and HKUST announced a major advance in calcium-ion battery technology.

#AnonNews_irc #Cybersecurity #Anonymous #News

Literally

(CVE)

Update: We’ve published free Socket Certified Patches for the next-mdx-remote RCE vulnerability (CVE-2026-0969).
No dependency upgrade required, and you don’t have to be a Socket customer to use them.

Details: https://socket.dev/blog/high-severity-rce-vulnerability-disclosed-in-next-mdx-remote
#NextJS

CVE-2025-49144 is a local privilege escalation in the Notepad++ installer that abuses how regsvr32.exe is called during setup.
We break down:
• what it looks like on real systems
• why Sysmon catches it cleanly
• a high-signal Graylog search + Sigma rule
https://graylog.org/post/detecting-notepad-cve-2025-49144-using-sysmon-logs/

⚠️ CVE-2026-25227 (CRITICAL, CVSS 9.1): Code injection in goauthentik authentik via delegated permissions. Patch to 2025.8.6, 2025.10.4, or 2025.12.4 urgently. Audit permissions & monitor test endpoint usage. https://radar.offseq.com/threat/cve-2026-25227-cwe-94-improper-control-of-generati-cc39f642 #OffSeq #authentik #infosec #CVE

🔐 CVE-2026-25227
CVE-2026-25227

📊 CVSS Score: 9.1
⚠️ Severity: Critical
📅 Published: 02/12/2026, 08:16 PM
🏷️ Aliases: CVE-2026-25227
🛡️ CWE: CWE-94
🔗 CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H (security-advisories@github.com)
📚 References: https://github.com/goauthentik/authentik/commit/c691afaef164cf73c10a26a944ef2f11dbb1ac80 https://github.com/goauthentik/authentik/releases/tag/version/2025.10.4

🔗 https://hecate.pw/vulnerability/CVE-2026-25227

#cve #vulnerability #hecate

CISA has added a critical code execution flaw in Notepad++ to its Known Exploited Vulnerabilities (KEV) catalog.

Notepad++ is a widely used open-source text editor popular among developers and IT teams.

The vulnerability (CVE-2025-15556) allows attackers to intercept or manipulate update traffic, tricking users into installing malicious payloads. The issue has been fixed in version 8.8.9 and all later releases.

‼️ CISA has added 3 vulnerabilities to the KEV Catalog

CVE-2025-15556: Notepad++ Download of Code Without Integrity Check Vulnerability: Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept or redirect update traffic to download and execute an attacker-controlled installer. This could lead to arbitrary code execution with the privileges of the user.

CVE-2026-20700: Apple Multiple Buffer Overflow Vulnerability: Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow an attacker with memory write the capability to execute arbitrary code.

CVE-2024-43468: Microsoft Configuration Manager SQL Injection Vulnerability: Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server and/or underlying database.

2 vulnerabilities in HAProxy have been fixed:
CVE-2026-26080 and CVE-2026-26081. DoS affecting QUIC

https://www.haproxy.com/blog/cves-2026-quic-denial-of-service