Kevin Poireault
LightNews LightNews
banner
leekthehack.bsky.social
Kevin Poireault
@leekthehack.bsky.social
140 followers 830 following 200 posts
Tech reporter https://linksta.cc/@kevinpoireault
Posts Replies Media Videos
Reposted by Kevin Poireault
coupecircuit.bsky.social
Pourquoi Taïwan bloque RedNote (mais pas TikTok)

Cette semaine, dans Coupe-circuit: open.substack.com/pub/coupecir...
December 22, 2025 at 4:26 PM
Reposted by Kevin Poireault
coupecircuit.bsky.social
GreatFire balance tout !

Après des mois à tenter de protéger Vultr, @greatfire.org a révélé le rôle central de l’entreprise américaine dans la censure que le géant chinois Tencent essaie de lui imposer en demandant la suppression de son site FreeWeChat.

open.substack.com/pub/coupecir...
December 17, 2025 at 12:38 PM
leekthehack.bsky.social
𝗣𝗢𝗗𝗖𝗔𝗦𝗧 🎧 𝗛𝗼𝘄 𝟮𝟬𝟮𝟱 𝗦𝗵𝗮𝗽𝗲𝗱 𝘁𝗵𝗲 𝗙𝘂𝘁𝘂𝗿𝗲 𝗼𝗳 𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆

We sat down with Rebecca Taylor from Sophos and @bushidotoken.net from @teamcymrus2.bsky.social to discuss 2025’s highs and lows in cyber and make educated guesses on what to look for in 2026.

feeds.soundcloud.com/users/soundc...
December 9, 2025 at 1:07 PM
leekthehack.bsky.social
Uganda’s authorities are mulling imposing strict controls on internet use, including the possible blocking of major social media networks ahead of the general elections scheduled for mid-January 2026.

Platforms affected include TikTok, YouTube, Facebook, Instagram and X.
coupecircuit.bsky.social Coupe-circuit 🔕🔇 @coupecircuit.bsky.social · 16d
En Ouganda, le secrétaire de la Commission électorale a révélé que les autorités du pays pourraient restreindre l’accès aux réseaux sociaux en préparation des élections générales prévues pour mi-janvier 2026.

La nouvelle édition de Courts-circuits: coupecircuit.substack.com/p/un-scrutin...
December 9, 2025 at 10:41 AM
leekthehack.bsky.social
𝗡𝗘𝗪 - 𝗨𝗞'𝘀 𝗖𝘆𝗯𝗲𝗿 𝗦𝗲𝗿𝘃𝗶𝗰𝗲 𝗳𝗼𝗿 𝗧𝗲𝗹𝗰𝗼𝘀 𝗕𝗹𝗼𝗰𝗸𝘀 𝟭 𝗕𝗶𝗹𝗹𝗶𝗼𝗻 𝗠𝗮𝗹𝗶𝗰𝗶𝗼𝘂𝘀 𝗦𝗶𝘁𝗲 𝗔𝘁𝘁𝗲𝗺𝗽𝘁𝘀

Almost one billion early-stage cyber-attacks have been prevented in the past year in the UK thanks to Share and Defend, a service run by @ncsc.gov.uk.

www.infosecurity-magazine.com/news/uk-cybe...
December 3, 2025 at 4:18 PM
leekthehack.bsky.social
𝗡𝗘𝗪 - 𝗨𝗞 𝗥𝗮𝗻𝘀𝗼𝗺𝘄𝗮𝗿𝗲 𝗣𝗮𝘆𝗺𝗲𝗻𝘁 𝗕𝗮𝗻 𝘁𝗼 𝗖𝗼𝗺𝗲 𝘄𝗶𝘁𝗵 𝗘𝘅𝗲𝗺𝗽𝘁𝗶𝗼𝗻𝘀

Speaking at the @financialtimes.com's Cyber Resilience Summit: Europe today, British Security Minister Dan Jarvis said the ban on ransomware payments will include "national security exemptions."

www.infosecurity-magazine.com/news/uk-rans...
December 3, 2025 at 4:06 PM
leekthehack.bsky.social
👀 VulnWatch Monday: CVE-2025-35028 🔓

A critical vulnerability was found by the Austin Hackers Association in HexStrike AI MCP server.

takeonme.org/cves/cve-202...
December 1, 2025 at 3:53 PM
leekthehack.bsky.social
🔎 VulnWatch Friday: CVE-2025-66022 🔓

A critical vulnerability was discovered in Faction, a pentesting report generation framework developed by Faction Security.

🔧 This issue has been patched in version 1.7.1.
🔎 nvd.nist.gov/vuln/detail/...
November 28, 2025 at 3:29 PM
leekthehack.bsky.social
𝗡𝗘𝗪 - 𝗙𝗿𝗲𝗻𝗰𝗵 𝗙𝗼𝗼𝘁𝗯𝗮𝗹𝗹 𝗙𝗲𝗱𝗲𝗿𝗮𝘁𝗶𝗼𝗻 𝗦𝘂𝗳𝗳𝗲𝗿𝘀 𝗗𝗮𝘁𝗮 𝗕𝗿𝗲𝗮𝗰𝗵

🇫🇷 The FFF detected unauthorized access to the software platform used by all licensed football clubs in France to manage administrative tasks, incl. registering their players with the federation.

📰 www.infosecurity-magazine.com/news/french-...
November 28, 2025 at 11:22 AM
leekthehack.bsky.social
🇬🇧 Cyber Security & Resilience Bill: Key Changes Revealed

Shona Lester, Head of CSR Bill Team, just shared the bill's key provisions.

Here’s what’s coming:
☑️ Expanded Regulatory Scope
☑️ Enhanced Incident Reporting
☑️ Strengthened Regulatory Powers

📰 www.infosecurity-magazine.com/news/key-pro...
November 27, 2025 at 10:48 AM
Reposted by Kevin Poireault
coupecircuit.bsky.social
Pour les plus friands de détails techniques mais pas forcément anglophones, j’ai aussi concocté un tableau résumant les résultats de l’analyse des chercheurs, à découvrir ici : datawrapper.dwcdn.net/Ea0qo/13/
November 25, 2025 at 1:40 PM
Reposted by Kevin Poireault
coupecircuit.bsky.social
Votre VPN est-il vulnérable à la censure numérique ?

Des chercheurs de l’IIIT Delhi, en Inde, se sont demandé dans quelle mesure un gouvernement pourrait détecter du trafic VPN et ainsi (potentiellement) le bloquer.

On vous explique ce qu'ils ont trouvé ⬇️

coupecircuit.substack.com/p/vpn-voici-...
November 25, 2025 at 1:39 PM
leekthehack.bsky.social
🚨 𝐎𝐩. 𝐄𝐧𝐝𝐠𝐚𝐦𝐞 3.0 𝐃𝐢𝐬𝐦𝐚𝐧𝐭𝐥𝐞𝐬 𝐑𝐡𝐚𝐝𝐚𝐦𝐚𝐧𝐭𝐡𝐲𝐬, 𝐕𝐞𝐧𝐨𝐦𝐑𝐀𝐓 𝐚𝐧𝐝 𝐄𝐥𝐲𝐬𝐢𝐮𝐦

The third "season" of Operation Endgame resulted in:
🗄️ Over 1025 servers taken down or disrupted
🌐 20 domains seized
🚪 11 locations searched
👮 One arrest

📰 www.infosecurity-magazine.com/news/operati...
November 13, 2025 at 1:02 PM
leekthehack.bsky.social
𝐏𝐎𝐃𝐂𝐀𝐒𝐓 - 𝐇𝐨𝐰 𝐏𝐫𝐢𝐯𝐚𝐭𝐞 𝐑𝐞𝐬𝐞𝐚𝐫𝐜𝐡𝐞𝐫𝐬 𝐀𝐫𝐞 𝐓𝐚𝐤𝐢𝐧𝐠 𝐃𝐨𝐰𝐧 𝐑𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬

I sat down with Matthew Maynard, a cybersecurity pro by day and a cyber ghost-buster by night, who doesn’t just hunt vulnerabilities, but haunts the hackers themselves.

🎧 Listen here: feeds.soundcloud.com/users/soundc...
November 5, 2025 at 11:02 AM
leekthehack.bsky.social
𝘗𝘦𝘳𝘴𝘰𝘯𝘢𝘭 𝘰𝘱𝘪𝘯𝘪𝘰𝘯: 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐑𝐞𝐩𝐨𝐫𝐭𝐢𝐧𝐠 𝐒𝐡𝐨𝐮𝐥𝐝𝐧’𝐭 𝐉𝐮𝐦𝐩 𝐭𝐨 𝐆𝐞𝐨𝐩𝐨𝐥𝐢𝐭𝐢𝐜𝐚𝐥 𝐂𝐨𝐧𝐜𝐥𝐮𝐬𝐢𝐨𝐧𝐬 (𝐄𝐬𝐩𝐞𝐜𝐢𝐚𝐥𝐥𝐲 𝐖𝐢𝐭𝐡𝐨𝐮𝐭 𝐄𝐯𝐢𝐝𝐞𝐧𝐜𝐞)

The latest cyberattack on airports is a serious incident that warrants thorough investigation. (1/5)

www.infosecurity-magazine.com/news/airport...
Airport Chaos Enters Third Day After Supply Chain Attack
Heathrow, Brussels, Dublin and Berlin airports are among those disrupted by a cyber-attack on Collins Aerospace
www.infosecurity-magazine.com
September 22, 2025 at 7:30 PM
leekthehack.bsky.social
EXCLUSIVE - Why Three Vendors Pulled Out of ‘Cybersecurity Olympics’

Microsoft, SentinelOne and Palo Alto Networks have decided not to take part in the 2025 edition of MITRE’s EDR test.

I spoke with MITRE CTO to understand what motivated these moves.

www.infosecurity-magazine.com/news/cyber-v...
September 22, 2025 at 1:03 PM
Reposted by Kevin Poireault
metacurity.com
Hackers calling themselves SafePay. carried out a ransomware attack on the five-star K Club resort in Co Kildare as it prepared to host some of the world’s top golfers at the Irish Open this past weekend.
www.thetimes.com/world/irelan...
Cyberattack on K Club before Irish Open
The five-star resort was hit by a ransomware attack, with leaked data including financial records, IT documentation and administrative information
www.thetimes.com
September 8, 2025 at 12:29 PM
Reposted by Kevin Poireault
metacurity.com
Cybersecurity firm Netskope eyes up to $6.5 billion valuation in US IPO
www.reuters.com/business/cyb...
Cybersecurity firm Netskope eyes up to $6.5 billion valuation in US IPO
Netskope is seeking a valuation of up to $6.5 billion in its initial public offering in the United States, the cloud-based cybersecurity firm said on Monday, signaling investors' appetite for new listings.
www.reuters.com
September 8, 2025 at 12:22 PM
Reposted by Kevin Poireault
metacurity.com
Hackers are using security reports to translate technical problems into “partial malicious code” as part of the “vibe coding” trend.
www.trendmicro.com/vinfo/us/sec...
Do Security Blogs Enable Vibe-Coded Cybercrime?
Security companies routinely publish detailed analyses of security incidents, making attacker tactics, techniques, and procedures (TTPs) widely known and visible. These reports often provide comprehen...
www.trendmicro.com
September 4, 2025 at 10:39 AM
leekthehack.bsky.social
𝐂𝐈𝐒𝐀 2015 𝐒𝐚𝐟𝐞 𝐇𝐚𝐫𝐛𝐨𝐫 𝐚𝐭 𝐑𝐢𝐬𝐤 𝐚𝐬 𝐒𝐞𝐩𝐭𝐞𝐦𝐛𝐞𝐫 30 𝐃𝐞𝐚𝐝𝐥𝐢𝐧𝐞 𝐍𝐞𝐚𝐫𝐬

⌛As the expiration date for the Cybersecurity Information Sharing Act of 2015 looms in the US, I spoke to experts about the provisions the Act offers and the debates surrounding the renewal and the consequences of non-renewal.
September 2, 2025 at 11:04 AM
Reposted by Kevin Poireault
coupecircuit.bsky.social
𝐕𝐨𝐭𝐫𝐞 𝐕𝐏𝐍 𝐞𝐬𝐭-𝐢𝐥 𝐮𝐧 𝐜𝐡𝐞𝐯𝐚𝐥 𝐝𝐞 𝐓𝐫𝐨𝐢𝐞 𝐜𝐡𝐢𝐧𝐨𝐢𝐬 ? 🇨🇳

D’après 3 études, des dizaines d’applis VPN (Google Play Store/Apple App Store) sont liées entre elles… et certaines appartiennent à Qihoo 360, proche de l’armée chinoise.

🔗 Nouvelle édition de Coupe-Circuit : open.substack.com/pub/coupecir...
August 31, 2025 at 3:29 PM
leekthehack.bsky.social
🔎 VulnWatch Friday: CVE-2025-57819 🔓

The Sangoma FreePBX Security Team has warned of a vulnerability being exploited in the wild.

FreePBX is an open-source graphical user interface (GUI) for managing Asterisk, the popular open-source Private Branch Exchange (PBX) and telephony platform.
August 29, 2025 at 2:53 PM
leekthehack.bsky.social
🧐 VulnWatch Wednesday: CVE-2025-7775 🔓

Citrix has released patches for three critical zero days in NetScaler ADC and Gateway, one of which was already being exploited by attackers.

According to Kevin Beaumont, exploit campaigns 🎯CVE-2025-7775 began before the patches were made available.
August 27, 2025 at 10:55 AM
leekthehack.bsky.social
🧐 VulnWatch Wednesday: CVE-2025-31324 🔓

A critical vulnerability in SAP NetWeaver is now being widely exploited following the release of public exploit tooling.

🆕 The public availability of the full source code makes the exploit easy to use even for attackers with little technical expertise.
August 20, 2025 at 4:10 PM
leekthehack.bsky.social
𝐋𝐞𝐠𝐢𝐭𝐢𝐦𝐚𝐭𝐞 𝐂𝐡𝐫𝐨𝐦𝐞 𝐕𝐏𝐍 𝐄𝐱𝐭𝐞𝐧𝐬𝐢𝐨𝐧 𝐓𝐮𝐫𝐧𝐬 𝐭𝐨 𝐁𝐫𝐨𝐰𝐬𝐞𝐫 𝐒𝐩𝐲𝐰𝐚𝐫𝐞

FreeVPN.One, a popular Google-featured browser VPN extension, recently turned malicious and is now spying on users’ every move online.

A good read from Koi Security on 𝑰𝒏𝒕𝒆𝒓𝒏𝒂𝒕𝒊𝒐𝒏𝒂𝒍 𝑽𝑷𝑵 𝑫𝒂𝒚

www.infosecurity-magazine.com/news/chrome-...
August 19, 2025 at 1:01 PM