ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
New Research Uncovers Connection Between VPN Apps and Multiple Security Vulnerabilities
A comprehensive security analysis has revealed alarming vulnerabilities affecting over 700 million users across multiple VPN applications, exposing critical flaws that compromise the very privacy and security these servi
New Exploit for SAP 0-Day Vulnerability Allegedly Released in the Wild by ShinyHunters Hackers
Key Takeaways1. ShinyHunters publicly released exploits for critical SAP vulnerabilities.2. Unauthenticated attackers can achieve complete system takeover and remote code execution.3. Immediately apply SAP Security Notes
New Blue Locker Ransomware Attacking Oil & Gas Sector in Pakistan
Pakistan’s National Cyber Emergency Response Team (NCERT) has issued urgent warnings to 39 government ministries following a sophisticated ransomware campaign targeting the country’s critical infrastructure. The Blue Loc
SSH Keys Are Crucial for Secure Remote Access but Often Remain a Blind Spot in Enterprise Security
Enterprise security strategies have evolved dramatically to address modern threats, yet SSH keys—critical cryptographic credentials that provide direct access to mission-critical systems—remain largely ungoverned and poo
CISA Warns of Trend Micro Apex One OS Command Injection Vulnerability Exploited in Attacks
CISA has issued a critical warning regarding a high-severity OS command injection vulnerability in Trend Micro Apex One Management Console that threat actors are actively exploiting in the wild. The vulnerability, track
Over 800 N-able servers left unpatched against critical flaws
Over 800 N-able N-central servers remain unpatched against a pair of critical security vulnerabilities tagged as actively exploited last week. [...]
Intel Websites Exploited to Hack Every Intel Employee and View Confidential Data
A series of critical vulnerabilities across multiple internal Intel websites allowed for the complete exfiltration of the company’s global employee database and access to confidential supplier information. The flaws, ste
Linux Kernel Netfilter Vulnerability Let Attackers Escalate Privileges
A critical vulnerability in the Linux kernel’s netfilter ipset subsystem has been discovered that allows local attackers to escalate privileges to root-level access. The flaw, identified in the bitmap:ip implementation
Rockwell ControlLogix Ethernet Vulnerability Let Attackers Execute Remote Code
A critical security vulnerability has been discovered in Rockwell Automation’s ControlLogix Ethernet communication modules, potentially allowing remote attackers to execute arbitrary code on industrial control systems.
What is Use-After-Free Vulnerability? – Impact and Mitigation
Use-after-free (UAF) vulnerabilities represent one of the most critical and prevalent security threats in modern software systems, particularly affecting applications written in memory-unsafe languages like C and C++. Th
Critical PostgreSQL Vulnerabilities Allow Arbitrary Code Injection During Restoration
The PostgreSQL Global Development Group has issued emergency security updates across all supported versions to address three critical vulnerabilities that could allow attackers to execute arbitrary code during database r
Weekly Cybersecurity News Recap : Microsoft, Cisco, Fortinet Security Updates and Cyber Attacks
In the week of August 11-17, 2025, the cybersecurity landscape was marked by critical updates from major vendors and a surge in sophisticated threats, underscoring the ongoing battle against digital vulnerabilities. Micr
CISA Releases Operational Technology Guide for Owners and Operators Across all Critical Infrastructure
CISA in collaboration with international partners, has released comprehensive guidance, titled “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators,” to strengthen cybersecurity defenses a
Google Awards $250,000 Bounty for Chrome RCE Vulnerability Discovery
Google has awarded a record-breaking $250,000 bounty to security researcher “Micky” for discovering a critical remote code execution vulnerability in Chrome’s browser architecture. The vulnerability allowed malicious we
Microsoft IIS Web Deploy Vulnerability Let Attackers Execute Remote Code
A critical vulnerability in the Microsoft Web Deploy tool could allow authenticated attackers to execute remote code on affected systems. The vulnerability, tracked as CVE-2025-53772, was disclosed on August 12, 2025, a
Fortinet FortiSIEM Command Injection Vulnerability (CVE-2025-25256) – Technical Details Revealed
Cybersecurity researchers from watchTowr Labs have published a comprehensive technical analysis of a critical pre-authentication command injection vulnerability affecting Fortinet FortiSIEM systems, designated as CVE-202
Cisco warns of max severity flaw in Firewall Management Center
Cisco is warning about a critical remote code execution (RCE) vulnerability in the RADIUS subsystem of its Secure Firewall Management Center (FMC) software. [...]
Cisco fixed maximum-severity security flaw in Secure Firewall Management Center
Cisco patches critical Secure Firewall Management Center flaw allowing remote code execution on vulnerable systems. Cisco released security updates to address a maximum-severity security vulnerability, tracked as CVE-202
Cisco Secure Firewall Snort 3 Detection Engine Vulnerability Enables DoS Attacks
Critical security flaw CVE-2025-20217 allows unauthenticated attackers to trigger denial-of-service conditions in Cisco’s widely deployed firewall systems Cisco has disclosed a high-severity vulnerability in its Secure F
Cisco Secure Firewall Vulnerability Allows Hackers to Inject Remote Shell Command Injection
Cisco has disclosed a critical security vulnerability in its Secure Firewall Management Center (FMC) Software that could allow unauthenticated attackers to execute arbitrary shell commands with high-level privileges remo