ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Samsung MagicINFO 9 Server Vulnerability Let Attackers Write Arbitrary File
<html><body><p>Samsung has disclosed a critical security vulnerability (CVE-2025-4632) affecting its MagicINFO 9 Server platform, a widely deployed content management system used for digital signage across retail, transp
Adobe Photoshop Vulnerability Let Attackers Execute Arbitrary Code
<html><body><p>Adobe has released critical security updates for Photoshop on both Windows and macOS platforms after discovering multiple severe vulnerabilities that could allow attackers to execute arbitrary code on vict
Researchers Detailed New Threat-Hunting Techniques to Detect Azure Managed Identity Abuse
<html><body><p>Cybersecurity experts have unveiled sophisticated techniques to identify potential abuse of Azure Managed Identities (MIs), addressing a critical but often overlooked security concern in cloud environments
Windows Remote Desktop Gateway Vulnerability Let Attackers Trigger Dos Condition
<html><body><p>Microsoft Security Response Center (MSRC) has released important security updates to address a critical vulnerability in Windows Remote Desktop Gateway (RD) service tracked as CVE-2025-26677 that could all
Chinese Hackers Exploit SAP NetWeaver 0-Day Vulnerability To Attack Critical Infrastructures
<html><body><p>In April 2025, security researchers identified a sophisticated campaign targeting critical infrastructure networks worldwide through a previously unknown vulnerability in SAP NetWeaver Visual Composer. The
INE Security Alert: Continuous CVE Practice Closes Critical Gap Between Vulnerability Alerts and Effective Defense
<html><body><p>INE Security, a global leader in hands-on cybersecurity training and certifications, today highlighted how ongoing real-world practice with the latest CVEs (Common Vulnerabilities and Exposures) is essenti
Fortinet fixed actively exploited FortiVoice zero-day
<html><body><p>Fortinet fixed a critical remote code execution zero-day vulnerability actively exploited in attacks targeting FortiVoice enterprise phone systems. Fortinet released security updates to address a critical
82,000+ WordPress Sites Exposed to Remote Code Execution Attacks
<html><body><p>Critical vulnerabilities were identified in TheGem, a premium WordPress theme with more than 82,000 installations worldwide. Researchers identified two separate but interconnected vulnerabilities in TheGe
Windows Remote Desktop Vulnerability Let Attackers Execute Malicious Code Over Network
<html><body><p>Microsoft’s May 2025 Patch Tuesday has addressed several critical vulnerabilities in Windows Remote Desktop services that could allow attackers to execute malicious code remotely. Security experts are urgi
Microsoft Rolls Out Windows 11 Cumulative Updates KB5058411 and KB5058405 With May Patch Tuesday
<html><body><p>Microsoft released two significant cumulative updates for Windows 11, KB5058411 and KB5058405, targeting improved security and system performance across various versions of the operating system. These upda
Windows DWM 0-Day Vulnerability Allows Attackers to Escalate Privileges
<html><body><p>Microsoft has patched a critical zero-day vulnerability in the Windows Desktop Window Manager (DWM) Core Library, tracked as CVE-2025-30400, which was actively exploited in the wild to grant attackers SYST
Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network
<html><body><p>Microsoft has disclosed a critical memory corruption vulnerability in its Scripting Engine (CVE-2025-30397), which allows unauthorized attackers to execute code remotely over a network. The flaw, classifie
Windows Common Log File System 0-Day Vulnerability Actively Exploited in the Wild
<html><body><p>Microsoft has confirmed that threat actors are actively exploiting two critical vulnerabilities in the Windows Common Log File System (CLFS) driver to gain SYSTEM-level privileges on compromised systems. T
FortiVoice 0-day Vulnerability Exploited in the Wild to Execute Arbitrary Code
<html><body><p>Fortinet has disclosed a critical stack-based buffer overflow vulnerability (CVE-2025-32756) affecting multiple products in its security portfolio, with confirmed exploitation targeting FortiVoice systems
Fortinet fixes critical zero-day exploited in FortiVoice attacks
<html><body><p>Fortinet released security updates to patch a critical remote code execution vulnerability exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. [...]</p></body></html>
Critical Ivanti ITSM Vulnerability Let Remote Attacker Gain Administrative Access
<html><body><p>Ivanti has released security updates to address a critical authentication bypass vulnerability in its Neurons for ITSM (IT Service Management) solution that could allow unauthenticated attackers to gain ad
FortiOS Authentication Bypass Vulnerability Let Attackers Access Device as Valid Admin
<html><body><p>Fortinet has disclosed a significant security vulnerability affecting multiple Fortinet products, allowing attackers to bypass authentication and gain administrative access to affected systems. The vulnera
Ivanti warns of critical Neurons for ITSM auth bypass flaw
<html><body><p>Ivanti has released security updates for its Neurons for ITSM IT service management solution that mitigate a critical authentication bypass vulnerability. [...]</p></body></html>
Ivanti Releases Critical Security Update for EPMM After Limited Exploits Discovered
<html><body><p>Ivanti has issued an important security advisory addressing vulnerabilities in open-source libraries used in its Endpoint Manager Mobile (EPMM) solution. The company announced today that a small number of
Researchers Proposed Mythic Framework Agent to Boost Pentesting Tool Performances
<html><body><p>Cybersecurity professionals constantly seek more effective penetration testing tools to stay ahead of threat actors and properly assess organizational defenses. A recent innovation in this field comes from