AI Risk Worries Insurers & Businesses Alike
Hello,
As admin of a classic Framadate for my association, I have just tested the Beta version. It works great, nice effort!
My question is whether this beta version is considered reliable. If I share the poll link with my users, will the link still work after the beta phase?
Thanks!
On May 28, Framasoft was interviewed by the association Data For Good.
We touched on many topics: the history of Framasoft, its positioning, LaSuite numérique, the commons, AI, etc. (and even a few teasers and spoilers 🤫)
Thanks to Paul and the whole D4G team for letting us share all of this with their beneficiaries 😊
Webinar #25: D4G x Framasoft with Pierre-Yves Gosset, coordinator of the association's digital services
Recorded on May 28, 2026 by Data For Good
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid by victims. This post examines clues pointing to a real life identity for the administrator of The Gentlemen ransomware group.

A graphic created and shared by The Gentlemen ransomware group administrator Hastalamuerte on Breachforums in May 2026. Credit: ke-la.com.
Experts at the security firm Check Point Software have been closely covering exploits of The Gentlemen, a so-called “ransomware-as-a-service” (RaaS) offering that pays affiliates handsomely to help spread the group’s malware.
“A 90/10 affiliate revenue split — compared to the industry standard 80/20 — is accelerating the group’s growth by attracting experienced operators from competing programs,” the researchers wrote in April.
Check Point found The Gentlemen are the second most active ransomware group by victim count so far this year, claiming at least 332 published victims since the group’s inception in mid-2025 and more than 240 in 2026 alone.
According to Check Point, the group targets Internet-facing devices (VPNs, firewalls) as their entry point, and once inside moves quickly to encrypt entire networks within hours.
Check Point says the administrator and primary operator of the ransomware group uses the nickname Zeta88 on the Russian-language cybercrime forums, and that this individual was previously known under the moniker Hastalamuerte. Check Point noted that a breach of the group’s backend infrastructure made it clear that Hastalamuerte/Zeta88 is the person who assembles the locker and RaaS panel, manages payments, and is essentially the administrator of the entire program who receives 10 percent of all ransoms.
The cyber intelligence firm Intel 471 shows that the user Hastalamuerte is a Russian and English speaking person who registered on almost a dozen cybercrime forums between 2019 and the present day, including Exploit, Breachforums, Ramp_V2, BHF, Raidforums, and Nulled.
Intel 471 reveals that Hastalamuerte registered on Breachforums in January 2025 from an Internet address in Izhevsk, the capital city of Russia’s Udmurt Republic. Likewise, the user Zeta88 signed up at the English-language cybercrime forum Breached in August 2022 from a different Internet address in Izhevsk.
Intel 471 finds Hastalamuerte registered on Raidforums in 2020 using the email address hastalamuerte1488@protonmail.com (1488 is a common combination of two numeric symbols associated with white supremacy). A lookup on this address at the open source intelligence service Epieos shows it is connected to an account at Apple and to a phone number ending in 04.
Epieos says that Protonmail address is also linked to a GitHub account under the username SantaMuerte. That account is marked private, but a history of this user’s activity shows they are watching and developing a number of malware tools and exploits.
In April 2020, Hastalamuerte said on the crime forum Nulled that they could be contacted at the Telegram instant messenger name @hastalamuerte18, and the threat intelligence company Flashpoint finds this username is assigned the unique Telegram ID number 30907522 [full disclosure: Flashpoint is an advertiser on this blog].
The breach tracking service Constella Intelligence reports that Hastalamuerte’s Telegram ID is connected to another username — “bu4vs” — and to the Russian phone number 79127650004. Pivoting on this phone number in Constella fetches multiple records from hacked Russian government databases showing it is assigned to one Alexander Andreevich Yapaev, a 36-year-old from Izhevsk.
Constella reveals that phone number was used to create an account at the Russian social media platform Pikabu under the name “4apai18,” and shows Mr. Yapaev has signed up at a number of websites using the common surname Ivanov, or else “Chapaev” (the numeral 4 is often used as shorthand for a “ch” sound in Russian).
A search in Intel 471 for cybercrime forum members with the nickname SantaMuerte unearths an account by the same name created in 2020 on the Russian hacking forum Codeby. Intel 471 shows this user originally registered on Codeby with the not-so-subtle nickname Alexandr 4apaev.
Constella finds Mr. Yapaev regularly used the email address bu4vs@mail.ru. Meanwhile, Epieos shows this address is connected to a LinkedIn account for Alexander Yapaev, who lists himself as the head of B2B marketing at the company Uralenergo Udmurtia, one of Russia’s largest suppliers of electrotechnical and lighting products.
Mr. Yapaev did not respond to multiple requests for comment.
Nearly every time we publish one of these Breadcrumbs stories, readers are curious to know why it seems like so many cybercriminals from Russia apparently do little to hide their real life identities. The truth is that — Russian or not — most didn’t exactly set out to be arch criminals, but instead got drawn into the scene gradually over several years as their skills broadened and sharpened.
Another important dynamic is that the Russian government generally either co-opts or ignores cybercriminal activity within its borders so long as the hackers do not steal from or attack Russian businesses and citizens. As a result, successful cybercriminals in Russia are usually insulated from prosecution and arrest by foreign law enforcement agencies provided they occasionally pay off the right people and do not travel abroad. And cybercriminals who intend to strictly adhere to those unwritten rules may (at least initially) be less concerned about covering their tracks online.
But the simplest explanation is that cybercriminals of all nationalities tend to make a number of basic operational security mistakes early in their careers, when they are less savvy and have far less to lose by their carelessness. A review of Hastalamuerte’s early posts on the crime forums (circa 2019-2020) shows a relatively unsophisticated and low-skilled hacker still trying to learn the ropes and earn a positive reputation on these communities.
For example, in June 2020 Hastalamuerte’s Telegram account joined a multi-month training program (@pntst) to learn how to use popular penetration testing tools, and their candid posts to this hacker training camp show Hastalamuerte struggling to use these tools effectively. A Google-translated record of Hastalamuerte’s posts to @pntst is here.
Update, June 11, 10:23 a.m. ET: The threat research group PRODAFT has released a detailed writeup on the history and current operations of The Gentlemen. PRODAFT said its findings match the same persona with “high confidence,” and found the administrator (Zeta88/Hastalamuerte) supplies affiliates with initial access directly, primarily Fortinet SSL-VPN credentials obtained through brute-force attacks or sourced from the group’s own leak database. They also discovered the administrator is using AI to develop and maintain the ransomware and associated tooling, as well as to assist with post-exploitation activity.
It is not possible to replace Carola Frediani, the founder, soul and backbone of Guerre di Rete. At the same time, we know for certain that the last thing Carola would have wanted is for this project to end.
Carola always wanted to expand and grow Guerre di Rete. Nothing gave her more satisfaction than finding new contributors, enlarging the editorial team, and turning what had begun as a personal newsletter into a collective project.
That is why Guerre di Rete goes on, in memory of Carola and in agreement with her family.
Guerre di Rete continues while keeping its pact with the reader unchanged. Ours will continue to be rigorous, in-depth, autonomous and independent journalism.
Our readers are the ones who allow us to keep going, funding a project that therefore wants to, and must, answer only to them.
Carola Frediani’s work is our compass. The affection and esteem we feel for her are the reason we want to carry on her mission.
We will do so with all our strength.
The editorial team of Guerre di Rete
The article Guerre di Rete continues, in memory of Carola Frediani comes from Guerre di Rete.

In city after city, the Trump administration’s immigration crackdown has been met by protests and rallies from members of the local community opposed to the White House’s deportation policies. Federal agents from the Customs and Border Protection and Immigration and Customs Enforcement have repeatedly attempted to break up and drive back these crowds through the use of airborne irritants like tear gas and pepper spray, which can cause an array of immediate reactions — from eye pain to shortness of breath to nausea and vomiting — intended to temporarily disable their targets.
DHS has defended its use of these weapons on crowds and said that it “does NOT target children,” but after reviewing news accounts, lawsuits and officer-worn body camera footage, as well as verifying incidents by interviewing more than 40 victims or witnesses, ProPublica recently identified more than six dozen instances in which children had been harmed by tear gas and pepper spray.
Here are five things you should know about how these airborne weapons have been used during Trump’s immigration crackdown and how their use has particularly harmed children.
So-called less lethal weapons like tear gas and pepper spray were developed to inflict severe pain and debilitate adult combatants and rioters, but ProPublica identified 79 children across the country since 2025 who have been harmed by these chemicals after they were deployed by federal immigration officers. Our tally is nearly four times the number cited in a recent congressional report, yet it is likely still a vast undercount.
The Department of Homeland Security has defended its agents’ use of the chemicals and claimed the blame lies with “agitators” in the crowds and parents who put their children in harm’s way. Many children harmed by tear gas and pepper spray were in their cars, at home or walking to school when they came into contact with the airborne weapons.
There is no one such thing as “tear gas.” It’s a catch-all term for various chemical irritants that exist as a fine powder and trigger nerve endings to feel as if they’re on fire. The chemicals sear your lungs and throat, inflaming your airways until it feels like you’re breathing through a straw, while snot and tears stream down your face. They can cause vomiting, rashes and coughs that last for weeks. Pepper spray is made from compounds found in hot peppers and causes similar effects.
Because children breathe more rapidly and can pull in more contaminated air than adults relative to their body weight, these weapons are particularly dangerous to the young. Children are also more vulnerable because they have narrower airways and they are closer to the ground, where tear gas tends to pool after being deployed. The Trump administration’s use of tear gas has been so extraordinary that no one yet knows what long-term harm may result for children who’ve come into contact with these chemicals — some of them multiple times.
In November 2025, a federal judge in Illinois ruled that ICE and CBP officers had deployed these chemicals “without justification, often without warning” against people who didn’t pose a physical threat. This constituted an illegal use of excessive force, said the judge, ordering the agencies to stop. But her injunction covered only the areas mentioned in the complaint. Agents were unfettered to continue using the weapons elsewhere.
After federal agents in Portland, Oregon, responded to a Jan. 31 rally by firing various less-lethals into the crowd — including Triple Chaser grenades that each separated into three tear gas canisters; dozens of pepper ball projectiles filled with chemical munitions; and “rubber ball grenades” that released stinging pellets, bright lights, and loud sounds — a judge there issued a temporary restraining order that forbade federal agents from using chemical munitions unless targeted at someone who posed “an imminent threat of physical harm.”
However, appellate courts have subsequently vacated the Illinois judge’s ruling and multiple rulings from judges in Portland seeking to enjoin the use of these weapons.
Though the Trump administration has defended agents’ training and said ICE officers are taught to use “the minimum amount of force necessary to resolve dangerous situations,” not only can tear gas canisters launched into a crowd bounce and roll unpredictably, but the toxic chemicals can travel through the air, sometimes for blocks. In Minneapolis, ProPublica found that tear gas had traveled at least a quarter mile before seeping into a McDonald’s.
Derrick Nash and his family live a block and a half east of an ICE facility in Broadview, Illinois. Even from that distance, they felt the effects inside their homes when officers tear-gassed protesters. Each time the tear gas seeped in, the kids — ages 6 to 17 — coughed, and their throats often burned. The eldest, a high school senior with asthma, would hide out in his second-floor bedroom. One evening, his face turned red as he coughed uncontrollably and sucked on his inhaler without relief.
“He was wigging out, saying, ‘I can’t breathe,’” Nash recalled. The family considered calling an ambulance, but the street was closed.
Law enforcement policies governing the use of tear gas and pepper spray differ widely by location, and no federal standard exists. The DHS policy on force says officers must use tactics that “minimize the risk of unintended injury” and should be guided by “respect for human life.” The CBP’s policy says officers “should not use” pepper spray or “less-lethal” chemical munitions against “small children.” ICE’s policy says “the presence of other officers, subjects, or bystanders” is a factor in determining whether an officer’s use of force is reasonable.
Compare that with tear gas policies in two cities that have experienced Trump’s immigration crackdown firsthand. In Portland, police officers who consider using tear gas must take into account their proximity to homes. Meanwhile, Minneapolis forbids officers from using chemical munitions for crowd control unless authorized by the police chief — even when officers fear they will be physically harmed.
Requiring all law enforcement agencies to adopt uniform policies and training methods would go a long way, experts told ProPublica. At the same time, they acknowledge that this would likely require Congress to pass a bill mandating that federal law enforcement entities adopt stricter practices and incentivize local police departments to do the same.
Bills that seek to strengthen use-of-force training on such a wide scale and legislation that targets DHS and its use of these weapons have thus far failed to even make it to a vote in Congress. Following ProPublica’s investigation, U.S. lawmakers have begun demanding reforms to immigration officers’ use of these weapons.
The post What You Need to Know About How Tear Gas Harms Kids appeared first on ProPublica.
Microsoft today released software updates to plug nearly 200 security holes across its Windows operating systems and supported software, a record number of fixes for the company’s monthly Patch Tuesday cycle. Nearly three dozen of those bugs earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available.
The software giant said in a blog post last month that both its engineers and the security community are increasingly using artificial intelligence tools to find bugs, meaning this month’s heavy Patch Tuesday may start to become the norm, said Satnam Narang, senior staff research engineer at Tenable.
“Some surveys put AI usage among security professionals generally at 90%, so it’s unsurprising that this volume of patches may be the norm,” Narang said. “Pandora’s proverbial box has been opened, and as more advanced AI models become available, we expect the norm to continue upward across the board, not just for Patch Tuesday.”
June’s zero-day bugs include CVE-2026-49160, a denial of service vulnerability affecting a range of web servers, including Microsoft Internet Information Services (IIS). Microsoft says the flaw was reported by OpenAI’s Codex.
Two of the zero-days addressed this month appear to stem from recent vulnerability disclosures by Nightmare Eclipse, the nickname chosen by a security researcher who has been dropping exploits for various Windows flaws. One of those, dubbed “GreenPlasma,” leverages an elevation of privilege weakness in the Windows Collaborative Translation Framework, the same framework patched today in CVE-2026-45586.
Nightmare Eclipse also last month released “YellowKey,” an exploit for a Windows BitLocker vulnerability that allows an attacker with physical access to view encrypted data, and CVE-2026-50507 is a patch for an elevation of privilege bug in BitLocker.
Microsoft received heavy blowback on social media last month after it said in a blog post that it was considering taking legal action against the security researcher. The company later clarified on Twitter/X that while it has no intention of pursuing legal actions against researchers, it would report them to authorities if they break the law. The advisories for CVE-2026-49160 and CVE-2026-50507 do not credit any researchers in the acknowledgement section, saying only that “Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure.”
Nightmare Eclipse claims to be a former employee of Microsoft, although Microsoft has not responded to questions about this claim. Rapid7 notes that a recent blog post by Nightmare Eclipse included an image of Albert Wesker, a character from the Resident Evil video game series who formerly worked as a researcher for a technology company before going rogue.
Nightmare Eclipse has pledged to release even more zero-day exploits for Windows in what they called a “bone shattering” drop planned for July 14 (the same day as next month’s Patch Tuesday). Immediately following the release of Microsoft patches today, the researcher published an exploit for what they claimed was a zero-day bug in Windows Defender.
While 200 vulnerabilities may be a record for Patch Tuesday, the actual number of security flaws Microsoft addressed this month is far higher, said Rapid7’s Adam Barnett.
“So far this month, Microsoft has provided patches to address 360 browser vulnerabilities, which is an order of magnitude more than has been typical in any given month over the past few years,” Barnett wrote. “As usual, browser [flaws] are not included in the Patch Tuesday count above. Indeed, the vast, and presumably sustained, uptick in the number of browser vulnerabilities has led to Microsoft no longer enumerating Chromium CVEs in the Security Update Guide.”
Microsoft also patched a zero-day vulnerability in Visual Studio Code that allows attackers to steal GitHub tokens with a single click. The company was forced to push a stopgap fix for the flaw on June 3, after a researcher published instructions showing how to exploit it. The researcher said they opted not to work with Microsoft because of a recent experience wherein Redmond silently patched a flaw they reported without offering credit or recognition.
Microsoft battled its own internal zero-day emergencies last week, after at least 72 of the company’s public code repositories were infected with a variant of the Shai-Hulud worm. Researchers found that all of the affected packages were connected to Microsoft’s official Azure Durable Task SDK, which got hit by the same Shai-Hulud worm in May.
Other major software makers are also shipping outsized update bundles this month. Adobe has released updates to fix a massive number of critical vulnerabilities across a range of products, including Adobe Experience Manager, Acrobat Reader and Cold Fusion. On June 3, Google resolved a whopping 429 vulnerabilities in its latest Chrome browser update (Chrome automatically downloads updates but installing them usually requires a complete restart of the browser).
As ever, please consider backing up your data before applying operating system updates, and drop a note in the comments if you run into any problems with this month’s patches.
Further reading:
Microsoft’s Security Update Guide