ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
New ‘Curly COMrades’ APT Hackers Attacking Targeting Critical Organizations in Countries
A sophisticated new threat actor group dubbed “Curly COMrades” has emerged as a significant cybersecurity concern, conducting targeted espionage campaigns against critical organizations in countries experiencing substant
Hackers Could Gain Full Control of Your Rooted Android Devices by Exploiting One Vulnerability
A critical security vulnerability discovered in popular Android rooting frameworks could allow malicious applications to completely compromise rooted devices, giving attackers full system control without user knowledge.
Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code Remotely
Microsoft released critical security updates, addressing three serious vulnerabilities in Microsoft Office that could allow attackers to execute remote code on affected systems. The vulnerabilities, tracked as CVE-2025-
FortiWeb Authentication Bypass Vulnerability Let Attackers Log in As Any Existing User
A critical authentication bypass vulnerability in FortiWeb allows unauthenticated remote attackers to impersonate any existing user on affected systems. The vulnerability, tracked as CVE-2025-52970 with a CVSS score of
New Windows 0-Click NTLM Credential Leakage Vulnerability Bypasses Microsoft’s Patch
A critical zero-click NTLM credential leakage vulnerability that circumvents Microsoft’s recent patch for CVE-2025-24054. The newly identified flaw, assigned CVE-2025-50154, allows attackers to extract NTLM hashes from
Multiple Chrome High-Severity Vulnerabilities Let Attackers Execute Arbitrary Code
Google Chrome has released a critical security update addressing six vulnerabilities that could potentially enable arbitrary code execution on affected systems. The stable channel update to version 139.0.7258.127/.128 f
Critical FortiSIEM Vulnerability Let Attackers to Execute Malicious Commands – PoC Found in Wild
A critical security vulnerability in the Fortinet FortiSIEM platform that allows unauthenticated attackers to execute arbitrary commands remotely. The vulnerability CVE-2025-25256, classified as CWE-78 (OS Command Injec
SAP fixed 26 flaws in August 2025 Update, including 4 Critical
SAP’s August 2025 Patch Tuesday released 15 new security notes, including critical fixes, plus four updates to previously released patches. SAP’s August 2025 Patch Tuesday delivers 15 new security notes, including critic
Microsoft Patch Tuesday, August 2025 Edition
Microsoft today released updates to fix more than 100 security flaws in its Windows operating systems and other software. At least 13 of the bugs received Microsoft's most-dire "critical" rating, meaning they could be ab
BlackSuit Ransomware Servers Attacking U.S. Critical Infrastructure Seized by Law Enforcement Seizes
In a coordinated international operation, law enforcement agencies successfully dismantled critical infrastructure belonging to the BlackSuit ransomware group, also known as Royal, marking a significant victory in the on
Microsoft Releases Windows 11 Cumulative Updates (KB5063878, KB5063875) August 2025 with New Features
Microsoft has released the Windows 11 August 2025 Cumulative Updates, KB5063878 for version 24H2 and KB5063875 for versions 22H2 and 23H2, delivering critical stability fixes and new features released along with Microsof
Microsoft Teams RCE Vulnerability Let Attackers Read, Write and Delete Messages
Microsoft disclosed a significant remote code execution (RCE) vulnerability in its Teams collaboration software as part of its August 2025 Patch Tuesday updates. The critical flaw, identified as CVE-2025-53783, could all
Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs
Dutch NCSC warns CVE-2025-6543 Citrix bug, a memory overflow flaw, is being exploited to breach critical organizations in the Netherlands. The Dutch NCSC warns that the critical Citrix NetScaler flaw CVE-2025-6543 has be
Microsoft Patch Tuesday August 2025 Released – 107 Vulnerabilities Fixed Including 36 RCE
Microsoft released August Patch Tuesday security updates, addressing a 107 vulnerabilities across its product ecosystem. The update includes fixes for 90 vulnerabilities, with 13 classified as Critical, 76...
Eight critical RCE flaws make Microsoft’s latest Patch Tuesday list
<p>No fewer than eight critical flaws that could allow a threat actor to achieve remote code execution (RCE) on a targeted system are listed in <a href="https://msrc.microsoft.com/update-guide/" target="_blank" rel="noop
17,000+ VMware ESXi Servers Vulnerable to Critical Integer-Overflow Vulnerability
More than 17,000 VMware ESXi installations worldwide are at risk from a severe integer-overflow vulnerability tracked as CVE-2025-41236 (CVSS 9.3), cybersecurity researchers warn. This critical vulnerability, first flagg
Critical Zoom Clients for Windows Vulnerability Lets Attackers Escalate Privileges
Zoom has disclosed a critical vulnerability affecting multiple Windows-based clients, potentially allowing attackers to escalate privileges and compromise user systems. Designated as CVE-2025-49457 under bulletin ZSB-250
Ivanti Connect Secure, Policy Secure and ZTA Vulnerabilities Let Attackers Trigger DoS Attack
Ivanti has released critical security updates addressing multiple high and medium-severity vulnerabilities across its Connect Secure, Policy Secure, and Zero Trust Access (ZTA) gateway products. The vulnerabilities, ide
7000+ Citrix NetScaler Devices Still Vulnerable to CVE-2025-5777 and CVE-2025-6543
Over 7,000 Citrix NetScaler appliances remain unpatched against two critical vulnerabilities: CVE-2025-5777 and CVE-2025-6543. Despite multiple advisories from Citrix, CISA’s KEV catalog entries, and updates from nation
Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug
Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released. [...]