ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Navigating APTs – Singapore’s Cautious Response to State-Linked Cyber Attacks
<html><body><p>Singapore’s cybersecurity landscape faced a significant challenge in July 2025 when Coordinating Minister K. Shanmugam disclosed that the nation was actively defending against UNC3886, a highly sophisticat
Attackers actively exploit critical zero-day in Alone WordPress Theme
<html><body>Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025
17K+ SharePoint Servers Exposed to Internet – 840 Servers Vulnerable to 0-Day Attacks
<html><body><p>A massive exposure of Microsoft SharePoint servers to internet-based attacks has been identified, with over 17,000 servers exposed and 840 specifically vulnerable to the critical zero-day vulnerability CVE
Lenovo IdeaCentre and Yoga Laptop BIOS Vulnerabilities Let Attackers Execute Arbitrary Code
<html><body><p>Critical vulnerabilities in Lenovo’s IdeaCentre and Yoga All-In-One systems could allow privileged local attackers to execute arbitrary code and access sensitive system information. The vulnerabilities af
Critical SUSE Manager Vulnerability Let Attackers Execute Arbitrary Commands as Root
<html><body><p>A newly disclosed critical security vulnerability in SUSE Manager poses severe risks to enterprise infrastructure, allowing unauthenticated attackers to execute arbitrary commands with root privileges. Th
UNC2891 Threat Actors Hacked ATM Networks Using 4G Raspberry Pi Device
<html><body><p>A financially motivated threat group known as UNC2891 orchestrated a sophisticated attack on banking infrastructure by physically installing a 4G-equipped Raspberry Pi device directly into an ATM network,
Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University
<html><body><p>A sophisticated cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint servers has compromised over 400 entities globally, with significant impact across African nations including South Af
APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks
<html><body><p>The maritime industry, which facilitates approximately 90% of global trade, has emerged as a critical battleground for advanced persistent threat (APT) groups deploying sophisticated ransomware campaigns.
Critical CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
<html><body><p>A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-54309
OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters
<html><body><p>A critical security vulnerability has been identified in OAuth2-Proxy, a widely-used reverse proxy that provides authentication services for Google, Azure, OpenID Connect, and numerous other identity provi
ChatGPT, Gemini, GenAI Tools Vulnerable to Man-in-the-Prompt Attacks
<html><body><p>A critical vulnerability affecting popular AI tools, including ChatGPT, Google Gemini, and other generative AI platforms, exposes them to a novel attack vector dubbed “Man-in-the-Prompt.” Published on Jul
Dahua Camera flaws allow remote hacking. Update firmware now
<html><body>Critical flaws in Dahua cameras let hackers take control remotely. The vendor has released patches, users should update firmware asap. Bitdefender cybersecurity experts discovered serious vulnerabilities in D
BulletProof Hosting Provider Qwins Ltd Fueling Global Malware Campaigns
<html><body><p>A sophisticated bulletproof hosting operation has emerged as a critical enabler of global malware campaigns, with cybersecurity researchers uncovering extensive evidence linking UK-registered company Qwins
Hackers actively exploit critical RCE in WordPress Alone theme
<html><body>Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme 'Alone,' to achieve remote code execution and perform a full site takeover. [...]</b
Critical SonicWall SSL VPN Vulnerability Let Attackers Trigger DoS Attack on Firewalls
<html><body><p>A critical vulnerability in SonicWall Gen7 firewall products could allow remote unauthenticated attackers to cause service disruptions through denial-of-service (DoS) attacks. The format string vulnerabil
WordPress Theme RCE Vulnerability Actively Exploited to Take Full Site Control
<html><body><p>A critical remote code execution (RCE) vulnerability in the popular “Alone” WordPress theme is being actively exploited by attackers to gain complete control of vulnerable websites. The vulnerability, ass
Scattered Spider tactics continue to evolve, warn cyber cops
<html><body><p>The Scattered Spider hacking collective is still hard at work <a href="https://www.computerweekly.com/news/366627722/Scattered-Spider-playbook-evolving-fast-says-Microsoft" target="_blank" rel="no
Apple pushes almost 30 security fixes in mobile update
<html><body><p><a href="https://www.apple.com/" target="_blank" rel="noopener">Apple</a> has released more than 20 vulnerability fixes for its mobile device ecosystem in a new round of updates to the tw
MS Authenticator users face passkey crunch time
<html><body><p>Microsoft’s move <a href="https://www.computerweekly.com/news/366561597/The-Security-Interviews-Talking-identity-with-Microsofts-Joy-Chik" target="_blank" rel="noopener">towards passwordless te
AI-enabled security pushes down breach costs for UK organisations
<html><body><p>British organisations that have incorporated <a href="https://www.techtarget.com/searchenterpriseai/definition/AI-Artificial-Intelligence" target="_blank" rel="noopener">artificial intelligence