Kevin Poireault

London

Reporter at Infosecurity Magazine

🇬🇧 Reporter @InfosecurityMag 📧 [email protected] 🇫🇷 Co-👶 @TeknolojiaNews • 👶 @Coupe_Circuit | 🌍 ⚽🥊

Featured in: Favicon

infosecurity-magazine.com Favicon

rfi.fr

lesinrocks.com Favicon

usinenouvelle.com Favicon

usine-digitale.fr Favicon

jeuneafrique.com Favicon

newsbreak.com Favicon

theafricareport.com Favicon

sifted.eu

msn.com + 2 more

Articles

Chinese Hackers Exploit Backdoor to Spy on European Businesses

1 week ago | infosecurity-magazine.com | Kevin Poireault

A Chinese cyber espionage tool initially made for intrusion into Linux systems has been used to spy on European organizations via Windows. On April 15, European cybersecurity company NVISO published a report with new findings on BRICKSTORM, a backdoor linked to the China-nexus cluster UNC5221 previously believed to target Linux vCenter servers. In the report, NVISO researchers shared that they discovered two new BRICKSTORM samples affecting Windows environments.
DPRK Hackers Exploit LinkedIn to Infect Developers with Infostealers

1 week ago | infosecurity-magazine.com | Kevin Poireault

If you are a developer working on cryptocurrency projects, beware of people trying to hire you on LinkedIn – they could be North Korean hackers. In an April 14 report, Unit 42, Palo Alto Networks’ research branch, shared new findings about Slow Pisces, a hacking group affiliated with the North Korean regime. In a new malicious campaign that started in 2024, the group has been posing as recruiters on LinkedIn, targeting developers of cryptocurrency projects with malicious coding challenges.
Organizations Found to Address Only 21% of GenAI-Related Flaws

1 week ago | infosecurity-magazine.com | Kevin Poireault

Organizations remediate only 48% of all vulnerabilities with detected exploits, according to a new study by Pentesting-as-a-Service (PTaaS) firm Cobalt. This number is even more concerning for generative AI (GenAI) applications and tools, with only 21% of flaws discovered being resolved. These findings come from Cobalt’s latest State of Pentesting Report, published on April 14.
Prodaft Offers Deal to Buy Dark Web Accounts from Hacking Forum Users

1 week ago | infosecurity-magazine.com | Kevin Poireault

Cyber threat intelligence firm Prodaft is encouraging users of the most notorious cybercrime-focused dark web forums to turn over a new leaf and sell their accounts to the good guys. In a world-first initiative called SYS, the European-based company has offered to buy vetted accounts within five key cybercrime forums, XSS, Exploit in, RAMP4U, Verified and Breachforums.
NVD Revamps Operations as Vulnerability Reporting Surges

1 week ago | infosecurity-magazine.com | Kevin Poireault

After a tumultuous year marked by internal turmoil and a mounting vulnerability backlog, the National Vulnerability Database (NVD) team within the US National Institute of Standards and Technology (NIST) has finally stabilized. However, the NVD is now facing a new challenge: a surge in vulnerability reporting that has sent its backlog soaring, threatening to outpace the team's revitalized efforts.
Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

1 week ago | infosecurity-magazine.com | Kevin Poireault

Multiple industrial control system (ICS) devices are affected by vulnerabilities carrying critical severity ratings up to a 9.9 CVSS base score. In an April 10 blog post, Cyble urged users of Rockwell Automation, Hitachi Energy and Inaba Denki Sangyo, three industrial hardware providers, to patch critical vulnerabilities in their products.
Ransomware Attacks Hit All-Time High as Payoffs Dwindle

2 weeks ago | infosecurity-magazine.com | Kevin Poireault

A recent surge in ransomware claims might signal that the profitability of the cybercriminal trade is beginning to falter and payouts are dwindling. Several cyber threat reports recently showed that ransomware attack claims reached record-breaking levels at the beginning of 2025. However, victims appear to be resisting demands in many cases.
Three-Quarters of IT Leaders Fear Nation-State AI Cyber Threats

2 weeks ago | infosecurity-magazine.com | Kevin Poireault

AI is at the top of most IT leaders' minds when asked about the cyber threats their organizations could face, according to a recent Armis survey. Almost three-quarters (74%) of respondents said that AI-powered attacks significantly threaten their organization’s security. A similar share (73%) added that they specifically feared that nation-state hackers’ AI capabilities could enable future sophisticated cyber-attacks.
CISA Warns of CrushFTP Vulnerability Exploitation in the Wild

2 weeks ago | infosecurity-magazine.com | Kevin Poireault

The US top cybersecurity agency has confirmed that the critical vulnerability in file transfer solution provider CrushFTP’s product is being exploited in the wild. The authentication bypass vulnerability, CVE-2025-31161, was added to the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog on April 7.
Malicious Microsoft VS Code Extensions Used in Cryptojacking Campaign

2 weeks ago | infosecurity-magazine.com | Kevin Poireault

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, according to a group of security researchers. In a new report shared exclusively with Infosecurity, researchers from newly founded cybersecurity startup ExtensionTotal observed that at least nine extensions recently uploaded in the VS Code marketplace were malicious.