News

40,000 CVEs a Year, 72 Hours to Respond: MOABI at Cyber On Board 2026

The third edition of Cyber On Board opens today on the Giens Peninsula: three days of scientific conferences, panel discussions, and exchanges centered on embedded cybersecurity, the resilience of critical systems, and technological sovereignty. The opening day sets the tone. Following the official welcome by Patrick Radja, VP Cybersecurity Director at Naval Group, the program moves into a keynote on AI and cybersecurity in embedded environments, followed by two substantial panels: one on technological sovereignty in the face of the rise of embedded AI, featuring representatives from NVIDIA, Valeo, and the French Gendarmerie; the other on regulation and cooperation at the heart of critical systems (rail, naval, aerospace), with SNCF, Alstom, and the French Navy’s General Staff. When Security Tools Become the Attack Vector The timing of this edition is especially telling. This past March, the cybersecurity community experienced a shock that captures, on its own, the very issues being addressed at Cyber On Board. On March 19, 2026, Trivy, one of the most widely used open-source vulnerability scanners in the world, developed by Aqua Security, was compromised in a sophisticated software supply chain attack. In other words, a tool designed to protect the software supply chain became the vehicle for its compromise. The mechanism is striking. Attackers force-pushed malicious code to 75 of the 76 version tags of Trivy’s official GitHub Action, turning the security scanner into a credential-stealing tool. In practice, the malicious code ran silently before the legitimate scanner, so workflows appeared to complete normally. Yet this tool runs at the heart of thousands of CI/CD pipelines, on every pull request, every merge, every deployment, with access to pipeline secrets by design. The outcome: cloud credentials, SSH keys, and Kubernetes tokens exfiltrated within hours. This episode reflects a deeper trend that the industry leaders gathered at Giens know well: attackers are moving upstream, increasingly targeting trusted tools, dependencies, and infrastructure rather than end applications. In this environment, relying solely on vendor metadata or version matching is no longer enough. It has become essential to analyze what actually runs in production. Tomorrow: Jonathan Brossard’s Presentation This is precisely the challenge that Jonathan Brossard, Founder and CTO of MOABI, will address in his talk on Wednesday, May 27, at 11:30 a.m., in the Software & Drone scientific conference session. His topic: practical vulnerability management under regulatory constraints for modern PSIRTs. This has become a structural challenge for product security teams. With more than 40,000 CVEs published in a single year, that is over a hundred new vulnerabilities every business day, and regulations such as the Cyber Resilience Act, NIS2, and DORA imposing remediation deadlines of 24 to 72 hours, traditional methods are reaching their limits. This is all the more true in embedded and industrial environments, where source code is sometimes no longer available, where firmware has been modified, and where life cycles span several decades. The Rest of the Week: Sessions Worth Watching Wednesday, dedicated to scientific conferences, brings together several major defense players. ArianeGroup will present its work on software obfuscation in industrial contexts and its integration into the development life cycle. Thales will speak on black-box analysis of security components, a subject closely related to MOABI’s own. Airbus Defence & Space will share lessons learned from the SOC dedicated to Airbus Helicopters products, while Naval Group will address the security evaluation of real-time embedded systems. Thursday continues this momentum with a strong focus on compliance and defense. Black Duck Software will open the day with the concrete impacts of the Cyber Resilience Act on R&D organizations, echoing directly the regulatory constraints raised by Jonathan. At 10:00 a.m., the MBDA x Alcyconie case study, presented by Stéphanie Ledoux, will focus on preparing embedded systems engineering teams for cyber crisis management, beyond the CERT perimeter alone. The French Navy will outline its approach to cyber training in the face of an exponentially growing threat, and KNDS will offer lessons learned from adopting post-quantum cryptography in vehicle computers and weapon systems. It is a program that confirms a fundamental shift: embedded cybersecurity is no longer a purely technical matter. It has become a regulatory, industrial, and strategic constraint for the entire sector. A full article covering Jonathan’s presentation and the discussions from these three days will follow later this week.

Read More »

Feedback: the Cyber Founder Tour in Sophia Antipolis ; bridging research, entrepreneurship and real-world practice

On 9 April, we took part in the Cyber Founder Tour in Sophia Antipolis, an event dedicated to the creation and acceleration of cybersecurity start-ups. Held in the ALPHA building, at the heart of the technology park, the event brought together researchers, entrepreneurs, industry representatives and institutional stakeholders around a common goal: to foster and structure the cybersecurity start-ups of the future. A format designed to drive projects forward The day is structured around three key elements: This format is particularly valuable because it goes beyond simply sharing ideas: it allows projects, hypotheses and strategies to be put to the test in a practical way. Academic–industrial collaboration: a key issue At this year’s event, our CTO, Jonathan Brossard, took part in a panel discussion on a fundamental topic: collaboration between academic research and industry. This topic lies at the heart of innovation in cybersecurity. On the one hand, research produces significant technical advances: reverse engineering, vulnerability analysis, new analytical methods. On the other, industry imposes significant constraints: The challenge is not simply to transfer research to industry but to successfully align these two worlds without losing either technical rigour or the ability to deploy at scale. Concrete exchanges with the ecosystem Beyond the conferences, one of the highlights of the day was the one-to-one meetings with industry representatives and institutional stakeholders. These discussions enable participants to: It is often during these discussions that projects evolve most rapidly. The ecosystem present, including notably stakeholders from research, support and funding, demonstrates just how cybersecurity is now a key issue at both regional and national levels. A key point: structuring the cyber ecosystem This type of event highlights a fundamental point: 👉 cybersecurity cannot be built in isolation It relies on a balance between: The Cyber Founder Tour perfectly illustrates this dynamic by bringing these stakeholders together in one place, with a clear objective: to accelerate the transformation of ideas into concrete solutions. What we take away from MOABI At MOABI, this type of event is directly in line with our positioning. We operate at the intersection of advanced cybersecurity research and practical industrial applications These exchanges enable us to compare our technical approaches, refine our use cases and better understand the expectations of industry and institutions They also confirm a key point:👉 issues relating to software security and the software supply chain are becoming increasingly central to discussions. Conclusion The Cyber Founder Tour confirms the importance of these hybrid formats, which sit halfway between a conference, mentoring and targeted networking. In a field as complex as cybersecurity, progress comes not only from technology, but also from the ability to bring the right stakeholders together at the right time. We are delighted to have been able to take part and engage with the ecosystem.

Read More »

Feedback: what we took away from Insomni’hack 2026

We’ve just returned from Insomni’hack, a must-attend hacking conference in Europe, with our conviction further strengthened:cybersecurity remains a field where hands-on practice, experimentation and direct dialogue play a vital role. We would like to thank EPFL once again for their invitation and for allowing us to participate in the event with a stand. Over the course of these few days, we had the opportunity to attend several talks, engage with numerous stakeholders in the ecosystem and discover some particularly interesting technical approaches. Here are a few key takeaways. A stark reminder of the reality of cyberattacks The principal highlight was the screening of the documentary “Don’t go to the police”, presented by Orange Cyberdefense. This type of content offers a different perspective:less technical in form, but extremely concrete in substance. It highlights: This kind of feedback serves as a reminder that behind the vulnerabilities and exploits, there are above all organisations facing complex situations, often in a state of emergency. Demonstrations that reflect the reality on the ground Among the technical demonstrations, some focused on specific attack scenarios, particularly those involving embedded systems. A striking example:a demonstration showing how a vehicle, such as a Tesla, can be targeted via a vector as simple as a USB port. Without going into technical details, this type of demonstration highlights several key points: These examples clearly illustrate the difficulty of securing modern systems, where hardware, software and user interfaces are deeply intertwined. A community as active as ever Beyond the talks, Insomni’hack remains first and foremost a place for exchange. We were able to speak with: These exchanges, often informal, allow us to compare approaches, discover new ideas and better understand the challenges encountered in the field. This is also what makes this type of event so valuable:the opportunity to step outside the usual framework to discuss technical matters directly and openly. What we take away from it This type of conference highlights several key points: Insomni’hack confirms, once again, the importance of technical events within the cybersecurity ecosystem. They not only enable us to keep pace with developments in the field, but also to compare ideas, share feedback and fuel technical discussions. We leave with numerous avenues to explore, fresh ideas, and a desire to continue delving into these topics.

Read More »