ARTICLE SEARCH
Threat Feed Query
Search all aggregated security articles by keywords, CVE IDs and sources.
15,00 Jenkins Servers With Vulnerable Git Parameter Plugin Enables Command Injection
A critical security vulnerability affecting thousands of Jenkins servers worldwide has emerged as a significant threat to enterprise infrastructure. CVE-2025-53652, initially classified as medium severity, affects the wi
SAP Security Patch Day – 15 Vulnerabilities Patched including 3 Critical Injection Vulnerabilities
SAP released a comprehensive security update on August 12th, 2025, addressing 15 new vulnerabilities across its enterprise software portfolio, including three critical code injection flaws that pose significant risks to
Critical Vulnerability in Carmaker Portal Let Hackers Unlock the Car Remotely
A severe flaw in a major automaker’s dealer portal allowed unauthorized attackers to register for dealer accounts, escalate privileges to a national administrator, and ultimately control vehicles remotely. The vulnerabi
Smart Bus Systems Vulnerability Let Hackers Remotely Track and Control Vehicles
A newly discovered security flaw in leading smart bus systems threatens to expose passenger safety and fleet integrity. Researchers have identified a critical vulnerability CVE-2025-44179 in the remote management interf
NCSC Warns of Citrix Netscaler Vulnerability CVE-2025-6543 Exploited to Breach Orgs
The Dutch National Cyber Security Centre (NCSC-NL) has issued an urgent warning about sophisticated cyberattacks targeting critical infrastructure through a zero-day vulnerability in Citrix NetScaler devices. The vulnera
Erlang/OTP SSH RCE Vulnerability Exploited in the Wild to Attack Across OT Networks
A critical remote code execution vulnerability in Erlang/OTP’s SSH daemon has been actively exploited in the wild, with cybercriminals targeting operational technology networks across multiple industries. CVE-2025-32433,
Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs
The Netherlands' National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach "critical organizations" in the country. [...]
CVE-2025-54366
Currently trending CVE - Hype Score: 8 - FreeScout is a lightweight free open source help desk and shared inbox built with PHP (Laravel framework). In versions 1.8.185 and below, there is a critical deserialization vulne
Hackers Weaponized Linux Webcams as Attack Tools to Inject Keystrokes and Launch Attacks
A critical vulnerability was uncovered that transforms ordinary Linux-powered webcams into weaponized BadUSB attack tools, enabling remote hackers to inject malicious keystrokes and compromise target systems without dete
Critical Vulnerabilities Uncovered in Zero Trust Network Access Products of Check Point Zscaler and NetSkope
Critical cybersecurity vulnerabilities have been identified in enterprise-level Zero Trust Network Access solutions, potentially enabling malicious actors to breach corporate networks with relative ease. AmberWolf securi
Xerox FreeFlow Vulnerabilities leads to SSRF and RCE Attacks
An urgent security update has been released for Xerox FreeFlow Core software, addressing two critical vulnerabilities that could allow attackers to execute remote code and perform server-side request forgery attacks. Th
WinRAR 0-Day in Phishing Attacks to Deploy RomCom Malware
A critical zero-day vulnerability has been identified in WinRAR that cybercriminals are actively exploiting through sophisticated phishing campaigns to distribute RomCom malware. The flaw, designated as CVE-2025-8088, r
GPT-5 Jailbreaked With Echo Chamber and Storytelling Attacks
Researchers have compromised OpenAI’s latest GPT-5 model using sophisticated echo chamber and storytelling attack vectors, revealing critical vulnerabilities in the company’s most advanced AI system. The breakthrough de
ChatGPT Connectors ‘0-click’ Vulnerability Let Attackers Exfiltrate Data From Google Drive
A critical vulnerability in OpenAI’s ChatGPT Connectors feature allows attackers to exfiltrate sensitive data from connected Google Drive accounts without any user interaction beyond the initial file sharing. The attack,
New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox Via Rare Linux Socket Feature
August 9, 2025 — A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, has exposed a flaw that could allow attackers to escalate privileges from within the Chrome renderer sandbox on Linux systems.
BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data
Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access to extract all protected data from encrypted devices i
28,000+ Microsoft Exchange Servers Vulnerable to CVE-2025-53786 Exposed Online
Over 28,000 unpatched Microsoft Exchange servers are exposed on the public internet and remain vulnerable to a critical security flaw designated CVE-2025-53786, according to new scanning data released on August 7, 2025,
Axis Camera Server Vulnerabilities Exposes Thousands of Organizations to Attack
Critical security flaws in Axis Communications’ surveillance infrastructure have left over 6,500 organizations worldwide vulnerable to sophisticated cyberattacks, with potential impacts spanning government agencies, educ
ECScape: Exploiting ECS Protocol on EC2 to Exfiltrate Cross-Task IAM and Execution Role Credentials
A sophisticated technique dubbed “ECScape” that allows malicious containers running on Amazon Elastic Container Service (ECS) to steal AWS credentials from other containers sharing the same EC2 instance. The discovery hi
CISA orders fed agencies to patch new Exchange flaw by Monday
CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical Microsoft Exchange hybrid vulnerability tracked as CVE-2025-53786 by Monday morning at 9:00 AM