ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Critical Android vulnerabilities patched—update as soon as you can
Google has patched 6 vulnerabilities in Android including two critical ones, one of which can compromise a device without the user needing to do anything.
Critical Android System Component Vulnerability Allows Remote Code Execution Without User Interaction
<html><body><p>Google released its August 2025 Android Security Bulletin on August 4, revealing a critical vulnerability that poses significant risks to Android device users worldwide. The most severe flaw, designated C
NVIDIA Triton Vulnerability Chain Let Attackers Take Over AI Server Control
<html><body><p>A critical vulnerability chain in NVIDIA’s Triton Inference Server that allows unauthenticated attackers to achieve complete remote code execution (RCE) and gain full control over AI servers. The vulnerab
CVE-2025-54782
<html><body>Currently trending CVE - Hype Score: 7 - Nest is a framework for building scalable Node.js server-side applications. In versions 0.2.0 and below, a critical Remote Code Execution (RCE) vulnerability was disco
FUJIFILM Printers Vulnerability Let Attackers Trigger DoS Condition
<html><body><p>A critical security vulnerability affecting multiple FUJIFILM printer models could allow attackers to trigger denial-of-service (DoS) conditions through malicious network packets. The vulnerability, track
Black Hat USA: Halcyon and Sophos tag-team ransomware fightback
<html><body><p>Cyber protection specialists <a href="https://www.halcyon.ai/" target="_blank" rel="noopener">Halcyon</a> and <a href="https://www.sophos.com/en-gb" target="_blank" rel="noopener">S
Threat Actors Exploitation Attempts Spikes as an Early Indicator of New Cyber Vulnerabilities
<html><body><p>Cybersecurity researchers have uncovered a groundbreaking pattern that could revolutionize how organizations prepare for emerging threats. A comprehensive analysis reveals that spikes in malicious attacker
Critical HashiCorp Vulnerability Let Attackers Execute Arbitrary Code on Underlying Host
<html><body><p>A critical HashiCorp security vulnerability affecting Vault Community Edition and Enterprise versions could allow privileged operators to execute arbitrary code on underlying host systems. The vulnerabili
NestJS Framework Vulnerability Let Attackers Execute Arbitrary Code in Developers Machine
<html><body><p>A critical security vulnerability has been discovered in the NestJS framework’s development tools that enables remote code execution (RCE) attacks against JavaScript developers. The flaw, identified as CV
Nation-state group CL-STA-0969 targeted Southeast Asian telecoms in 2024
<html><body>State-backed group CL-STA-0969 hit Southeast Asian telecoms in 2024, targeting critical infrastructure, says Palo Alto Networks’ Unit 42. Palo Alto Networks reported that a nation-state actor, tracked as CL-S
Microsoft PlayReady DRM Used by Netflix, Amazon, and Disney+ Leaked Online
<html><body><p>A significant security breach has compromised Microsoft’s PlayReady Digital Rights Management (DRM) system, exposing critical certificates that protect premium streaming content across major platforms incl
Cybersecurity News Recap – Chrome, Gemini Vulnerabilities, Linux Malware, and Man-in-the-Prompt Attack
<html><body><p>Welcome to this week’s edition of Cybersecurity News Recap! In this issue, we bring you the latest updates and critical developments across the threat landscape. Stay ahead of risks with key insights on ne
APT36 Hackers Weaponizing PDF Files to Attack Indian Railways, Oil & Government Systems
<html><body><p>The Pakistan-linked Advanced Persistent Threat (APT) group APT36, also known as Transparent Tribe, has significantly expanded its cyber operations beyond traditional military targets to encompass critical
Securing agentic identities focus of Palo Alto’s CyberArk buy
<html><body><p><a href="https://www.paloaltonetworks.com/" target="_blank" rel="noopener">Palo Alto Networks</a> has placed securing <a href="https://www.techtarget.com/searchenterpriseai/tip/Agentic
$1,000,000 for WhatsApp 0-Click RCE Exploit at Pwn2Own Ireland 2025
<html><body><p>Trend Micro’s Zero Day Initiative (ZDI) announces an unprecedented $1,000,000 bounty for a zero-click remote code execution (RCE) exploit targeting WhatsApp at the upcoming Pwn2Own Ireland 2025 competition
CISA Issues ICS Advisories for Rockwell Automation Using VMware, and Güralp Seismic Monitoring Systems
<html><body><p>CISA released two high-severity Industrial Control Systems (ICS) advisories on July 31, 2025, highlighting critical vulnerabilities in widely deployed industrial equipment that could enable remote attacker
Microsoft Upgrades .NET Bounty Program with Rewards to Researchers Up to $40,000
<html><body><p>Microsoft has significantly enhanced its .NET bounty program, announcing substantial updates that expand the program’s scope, streamline award structures, and provide greater incentives for cybersecurity r
Navigating APTs – Singapore’s Cautious Response to State-Linked Cyber Attacks
<html><body><p>Singapore’s cybersecurity landscape faced a significant challenge in July 2025 when Coordinating Minister K. Shanmugam disclosed that the nation was actively defending against UNC3886, a highly sophisticat
Attackers actively exploit critical zero-day in Alone WordPress Theme
<html><body>Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025
17K+ SharePoint Servers Exposed to Internet – 840 Servers Vulnerable to 0-Day Attacks
<html><body><p>A massive exposure of Microsoft SharePoint servers to internet-based attacks has been identified, with over 17,000 servers exposed and 840 specifically vulnerable to the critical zero-day vulnerability CVE