Feed
All categories

Cybersecurity

86 articles

Fragments d'un web adolescent

I dug up a few old articles I typed as a teenager between 1996 and 1998. Unremarkable in their day, three decades later these pages form the chronicle of a vanished era. The word "blog" does not exist yet. Wikipedia is still to come. Google has not been born. AltaVista rules search, while already struggling to embrace the nascent immensity of the web. To meet someone, you have to agree beforehand and plan your route on paper maps. 🗺️ The web is taking off. The…

Vincent Bernat
RAID 5 with disks of different capacities on Linux

Classic RAID setups waste space when the disks have different sizes. Linux software RAID combined with LVM uses the full capacity of every disk and lets you grow the storage by replacing one or two disks at a time. We start from four disks of identical size: $ lsblk -Mo NAME,TYPE,SIZE NAME TYPE SIZE vda disk 101M vdb disk 101M vdc disk 101M vdd disk 101M We create one partition on each of them: $ sgdisk --zap-all --new=0:0:0 -t 0:fd00…

Vincent Bernat
Distributing traffic across UDP sockets with eBPF and Go

Akvorado collects sFlow and IPFIX flows over UDP. Since UDP does not retransmit lost packets, they have to be processed quickly. Akvorado runs several routines listening on the same port. The kernel should spread the received packets evenly across these routines. However, it does not work as expected. A few routines show significant packet loss: $ curl -s 127.0.0.1:8080/api/v0/inlet/metrics \ > | sed -n s/akvorado_inlet_flow_input_udp_in_dropped//p…

Vincent Bernat
TanStack npm Packages Compromised in Ongoing Mini Shai-Hulud Supply-Chain Attack

The Socket Threat Research team detected a compromise across 84 npm package artifacts in the tanstack namespace. Affected packages were modified to add a suspected credential stealer targeting various CI systems, including GitHub Actions. All packages were flagged by Socket AI Scanner within six minutes of publication. Several of the newly compromised packages, such as pkg:npm/@tanstack/react-router, have over 12 million weekly downloads and are widely consumed both directly and…

Socket
fsnotify Maintainer Dispute Sparks Supply Chain Concerns

A dispute over maintainer access in fsnotify, a widely used Go library for cross-platform filesystem notifications, briefly raised takeover concerns this week after contributors were removed from the project’s GitHub organization and recent releases came under scrutiny. So far, there’s no evidence that any fsnotify release was compromised. The concern is messier and more familiar: when a popular project has unclear maintainer roles, release access, and review norms, downstream users can’t…

Socket
Socket Releases Free Certified Patches for Critical vm2 Sandbox Escape

Socket is releasing free Certified Patches for a critical sandbox escape vulnerability in vm2, a JavaScript sandboxing library used to run untrusted code inside Node.js applications. The vulnerability, tracked as GHSA-ffh4-j6h5-pg66 and CVE-2026-26956, allows attacker-controlled JavaScript executed through VM.run() to escape the sandbox, access the host Node.js process object, and execute arbitrary operating system commands. The current GitHub advisory identifies vm2 3.10.4 as affected and…

Socket
5 Malicious NuGet Packages Impersonate Chinese UI Libraries to Distribute Crypto Wallet and Credential Stealer

Socket's Threat Research Team discovered five malicious NuGet packages published under the account bmrxntfj that typosquat widely used Chinese .NET UI and infrastructure libraries. Each package grafts a .NET Reactor-protected infostealer payload onto a decompiled copy of a legitimate open source library. The stealer targets saved credentials across 12 browsers, 8 desktop cryptocurrency wallets and 5 browser wallet extensions, and exfiltrates to a newly registered C2 domain. Across all versions, the…

Socket
pnpm 11 Adds Supply Chain Protection Defaults for Minimum Release Age and Exotic Subdependencies

pnpm 11 has been released with new supply chain protections in place, making safer install behavior the default while still allowing teams to override those settings. The release sets Minimum Release Age to 24 hours by default, blocks exotic subdependencies by default, and introduces a new Allow Builds model for controlling dependency build scripts. pnpm 11 arrived as the JavaScript, Python, and PHP ecosystems were responding to Mini Shai-Hulud, a fresh supply chain campaign that compromised…

Socket
PyPI Fixes High-Severity Access Control Issues Found in Security Audit

PyPI has fixed two high-severity flaws found during its second external security audit, addressing access control issues that could have allowed organization members to invite new owners and stale team permissions to persist after project transfers. The audit was performed by Trail of Bits and funded by the Sovereign Tech Agency. It reviewed Warehouse, the open source Python application that powers PyPI and handles package uploads, metadata validation, storage, and downloads for pip and other…

Socket