October 20, 2025

Actu - 19 ocotbre 2025 - Parce que... c'est l'épisode 0x647!

1 hour 1 minute

Parce que… c’est l’épisode 0x647!

Shameless plug

12 au 17 octobre 2025 - Objective by the sea v8

14 et 15 octobre 2025 - ATT&CKcon 6.0

14 et 15 octobre 2025 - Forum inCyber Canada

Code rabais de 30% - CA25KDUX92

4 et 5 novembre 2025 - FAIRCON 2025

8 et 9 novembre 2025 - DEATHcon

17 au 20 novembre 2025 - European Cyber Week

25 et 26 février 2026 - SéQCure 2026

CfP

31 mars au 2 avril 2026 - Forum INCYBER - Europe 2026

14 au 17 avril 2026 - Botconf 2026

28 et 29 avril 2026 - Cybereco Cyberconférence 2026

9 au 17 mai 2026 - NorthSec 2026

3 au 5 juin 2026 - SSTIC 2026

19 septembre 2026 - Bsides Montréal

Notes

AI Agent Security: Whose Responsibility Is It?

Hackers Can Bypass OpenAI Guardrails Framework Using a Simple Prompt Injection Technique

AI makes phishing 4.5x more effective, Microsoft says

How AI-powered ransomware could destroy your business

Agentic AI’s OODA Loop Problem

‘Sovereign AI’ Has Become a New Front in the US-China Tech War

Microsoft

Microsoft warns of a 32% surge in identity hacks, mainly driven by stolen passwords

Extortion and ransomware drive over half of cyberattacks

Windows 11 And Server 2025 Will Start Caching Plaintext Credentials By Enabling WDigest Authentication

Microsoft: Exchange 2016 and 2019 have reached end of support

Microsoft frightful Patch Tuesday: 175+ CVEs, 3 under attack

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature

Edge - IE

Microsoft restricts IE mode access in Edge after zero-day attacks

Hackers Leveraging Microsoft Edge Internet Explorer Mode to Gain Access to Users’ Devices

Défensif

Identity Security: Your First and Last Line of Defense

Banks need stricter controls to prevent romance fraud, says City regulator

CVE, CVSS scores need overhauling, argues Codific CEO

How to spot dark web threats on your network using NDR

Ukraine takes steps to launch dedicated cyber force for offensive strikes

How Microsoft is creating a security-first culture that lasts

Root Cause Analysis? You’re Doing It Wrong

Modern iOS Security Features – A Deep Dive into SPTM, TXM, and Exclaves

EDR-Freeze Tool Technical Workings Along With Forensic Artifacts Revealed

Wireshark 4.6.0 Supports macOS pktap Metadata (PID, Process Name, etc.)

Offensif

Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks

F5 says hackers stole undisclosed BIG-IP flaws, source code

‘Highly sophisticated’ government goons hacked F5

Oracle

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884

Fortigate

FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands

FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process

Satellite

Unencrypted satellites expose global communications

Researchers find a startlingly cheap way to steal your secrets from space

Study reveals satellites comms spilling unencrypted data

Axis Communications Vulnerability Exposes Azure Storage Account Credentials

Android Pixnapping attack can capture app data like 2FA info

Ivanti Patches 13 Vulnerabilities in Endpoint Manager Allowing Remote Code Execution

Hackers Leverage Judicial Notifications to Deploy Info-Stealer Malware

Cyberattackers Target LastPass, Top Password Managers

Devs of VS Code extensions are leaking secrets en masse

How Attackers Bypass Synced Passkeys

RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks

New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability

Les Uropes

Europe’s Digital Sovereignty Paradox - “Chat Control” update

Britain issues first online safety fine to US website 4chan

Cyber-attacks rise by 50% in past year, UK security agency says

Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia

Divers

GrapheneOS is finally ready to break free from Pixels, and it may never look back

[ProtonVPN Lied About Logging

Blog](https://vp.net/l/en-US/blog/ProtonVPN-Lied-About-Logging)

Adam Shostack : “Yay, more age verification law…”

California enacts age verification, chatbot laws

The Guardian view on the online scam industry: authorities must not forget that perpetrators are often victims too

Insolite

TikTok Videos Promoting Malware Installation

Kevin Beaumont: “This whole thing with TLP RED …” - Cyberplace

Collaborateurs

Nicolas-Loïc Fortin

Crédits

Montage par Intrasecure inc

Locaux réels par Intrasecure inc

...more

View all episodes

By Nicolas-Loïc Fortin et tous les collaborateurs

October 20, 2025

Actu - 19 ocotbre 2025 - Parce que... c'est l'épisode 0x647!

1 hour 1 minute

Parce que… c’est l’épisode 0x647!

Shameless plug

12 au 17 octobre 2025 - Objective by the sea v8

14 et 15 octobre 2025 - ATT&CKcon 6.0

14 et 15 octobre 2025 - Forum inCyber Canada

Code rabais de 30% - CA25KDUX92

4 et 5 novembre 2025 - FAIRCON 2025

8 et 9 novembre 2025 - DEATHcon

17 au 20 novembre 2025 - European Cyber Week

25 et 26 février 2026 - SéQCure 2026

CfP

31 mars au 2 avril 2026 - Forum INCYBER - Europe 2026

14 au 17 avril 2026 - Botconf 2026

28 et 29 avril 2026 - Cybereco Cyberconférence 2026

9 au 17 mai 2026 - NorthSec 2026

3 au 5 juin 2026 - SSTIC 2026

19 septembre 2026 - Bsides Montréal

Notes

AI Agent Security: Whose Responsibility Is It?

Hackers Can Bypass OpenAI Guardrails Framework Using a Simple Prompt Injection Technique

AI makes phishing 4.5x more effective, Microsoft says

How AI-powered ransomware could destroy your business

Agentic AI’s OODA Loop Problem

‘Sovereign AI’ Has Become a New Front in the US-China Tech War

Microsoft

Microsoft warns of a 32% surge in identity hacks, mainly driven by stolen passwords

Extortion and ransomware drive over half of cyberattacks

Windows 11 And Server 2025 Will Start Caching Plaintext Credentials By Enabling WDigest Authentication

Microsoft: Exchange 2016 and 2019 have reached end of support

Microsoft frightful Patch Tuesday: 175+ CVEs, 3 under attack

Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped

Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature

Edge - IE

Microsoft restricts IE mode access in Edge after zero-day attacks

Hackers Leveraging Microsoft Edge Internet Explorer Mode to Gain Access to Users’ Devices

Défensif

Identity Security: Your First and Last Line of Defense

Banks need stricter controls to prevent romance fraud, says City regulator

CVE, CVSS scores need overhauling, argues Codific CEO

How to spot dark web threats on your network using NDR

Ukraine takes steps to launch dedicated cyber force for offensive strikes

How Microsoft is creating a security-first culture that lasts

Root Cause Analysis? You’re Doing It Wrong

Modern iOS Security Features – A Deep Dive into SPTM, TXM, and Exclaves

EDR-Freeze Tool Technical Workings Along With Forensic Artifacts Revealed

Wireshark 4.6.0 Supports macOS pktap Metadata (PID, Process Name, etc.)

Offensif

Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks

F5 says hackers stole undisclosed BIG-IP flaws, source code

‘Highly sophisticated’ government goons hacked F5

Oracle

Google, Mandiant expose malware and zero-day behind Oracle EBS extortion

Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884

Fortigate

FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands

FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process

Satellite

Unencrypted satellites expose global communications

Researchers find a startlingly cheap way to steal your secrets from space

Study reveals satellites comms spilling unencrypted data

Axis Communications Vulnerability Exposes Azure Storage Account Credentials

Android Pixnapping attack can capture app data like 2FA info

Ivanti Patches 13 Vulnerabilities in Endpoint Manager Allowing Remote Code Execution

Hackers Leverage Judicial Notifications to Deploy Info-Stealer Malware

Cyberattackers Target LastPass, Top Password Managers

Devs of VS Code extensions are leaking secrets en masse

How Attackers Bypass Synced Passkeys

RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks

New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability

Les Uropes

Europe’s Digital Sovereignty Paradox - “Chat Control” update

Britain issues first online safety fine to US website 4chan

Cyber-attacks rise by 50% in past year, UK security agency says

Netherlands invokes special powers against Chinese-owned semiconductor company Nexperia

Divers

GrapheneOS is finally ready to break free from Pixels, and it may never look back

[ProtonVPN Lied About Logging

Blog](https://vp.net/l/en-US/blog/ProtonVPN-Lied-About-Logging)

Adam Shostack : “Yay, more age verification law…”

California enacts age verification, chatbot laws

The Guardian view on the online scam industry: authorities must not forget that perpetrators are often victims too

Insolite

TikTok Videos Promoting Malware Installation

Kevin Beaumont: “This whole thing with TLP RED …” - Cyberplace

Collaborateurs

Nicolas-Loïc Fortin

Crédits

Montage par Intrasecure inc

Locaux réels par Intrasecure inc

...more

More shows like PolySécure Podcast

View all

Tech Café

12 Listeners

Silicon Carne, un peu de picante dans un monde de Tech !

75 Listeners

Share Actu - 19 ocotbre 2025 - Parce que... c'est l'épisode 0x647!

Sign up to save your podcasts

Actu - 19 ocotbre 2025 - Parce que... c'est l'épisode 0x647!

Actu - 19 ocotbre 2025 - Parce que... c'est l'épisode 0x647!

More shows like PolySécure Podcast

Tech Café

Silicon Carne, un peu de picante dans un monde de Tech !