ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Microsoft Patches 57 Vulnerabilities, Three Zero-Days
Microsoft has addressed a Windows vulnerability exploited as zero-day that allows attackers to obtain System privileges. The post Microsoft Patches 57 Vulnerabilities, Three Zero-Days appeared first on SecurityWeek.
Microsoft releases Windows 10 KB5071546 extended security update
Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three zero-day flaws. [...]
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
Microsoft's December 2025 Patch Tuesday fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities. [...]
Microsoft December 2025 Patch Tuesday – 56 Vulnerabilities Fixed Including 3 Zero-days
Microsoft released its final Patch Tuesday updates of 2025 on December 9, addressing 56 security vulnerabilities across Windows, Office, Exchange Server, and other components. This patch includes three zero-day flaws: tw
Oracle EBS zero-day used by Clop to breach Barts Health NHS
Clop ransomware stole data from Barts Health NHS after exploiting a zero-day in its Oracle E-Business Suite. Barts Health NHS confirmed that Clop ransomware group stole data by exploiting zero-day CVE-2025-61882 in its O
Predator Spyware Compamy Used 15 Zero-Days Since 2021 to Target iOS Users
A commercial spyware company called Intellexa has exploited 15 zero-day vulnerabilities since 2021 to target iOS and Android users worldwide. The company, known for developing the Predator spyware, continues operations d
Barts Health NHS discloses data breach after Oracle zero-day hack
Barts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a vulnerability in its Oracle E-business Suite software. [...]
Leaks show Intellexa burning zero-days to keep Predator spyware running
A fresh investigation uncovers how Predator spyware still reaches victims through high-priced, newly bought zero-days.
Intellexa Leaks Reveal Zero-Days and Ads-Based Vector for Predator Spyware Delivery
A human rights lawyer from Pakistan's Balochistan province received a suspicious link on WhatsApp from an unknown number, marking the first time a civil society member in the country was targeted by Intellexa's Predator
iOS Zero-Day Exploit Chain Leveraged by Mercenary Spyware for Device Surveillance
A new iOS zero-day exploit chain has been linked to mercenary spyware used for silent device surveillance against high‑risk users. The operation, attributed to the commercial surveillance vendor Intellexa, chains multipl
Microsoft "mitigates" Windows LNK flaw exploited as zero-day
Microsoft has silently "mitigated" a high-severity Windows LNK vulnerability exploited by multiple state-backed and cybercrime hacking groups in zero-day attacks. [...]
Android’s December 2025 Updates Patch Two Zero-Days
Google warns that two out of the 107 vulnerabilities patched in Android this month have been exploited in limited, targeted attacks. The post Android’s December 2025 Updates Patch Two Zero-Days appeared first on Security
Google Patches Android 0-Day Vulnerabilities Exploited in the Wild
Google has released critical security updates to address multiple zero-day vulnerabilities affecting Android devices worldwide. The December 2025 security bulletin reveals that threat actors are actively exploiting at le
Canon Allegedly Breached by Clop Ransomware via Oracle E-Business Suite 0-Day Hack
Canon has officially confirmed that it was targeted during the widespread hacking campaign exploiting a critical zero-day vulnerability in Oracle E-Business Suite (EBS). The attack, orchestrated by the notorious Clop ran
Cox Enterprises discloses Oracle E-Business Suite data breach
Cox Enterprises is notifying impacted individuals of a data breach that exposed their personal data to hackers who breached the company network after exploiting a zero-day flaw in Oracle E-Business Suite. [...]
CISA Warns of Actively Exploited Critical Oracle Identity Manager Zero-Day Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting Oracle Identity Manager to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active
CISA warns Oracle Identity Manager RCE flaw is being actively exploited
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning government agencies to patch an Oracle Identity Manager tracked as CVE-2025-61757 that has been exploited in attacks, potentially as a zero-day. [
North Korean Kimsuky and Lazarus Join Forces to Exploit Zero-Day Vulnerabilities Targeting Critical Sectors Worldwide
Two of North Korea’s most dangerous hacking groups have joined forces to launch a coordinated attack campaign that threatens organizations worldwide. The Kimsuky and Lazarus groups are working together to steal sensitive
Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day
CVE-2025-61757 is an unauthenticated remote code execution vulnerability affecting Oracle Identity Manager. The post Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day appeared first on SecurityWeek.
Broadcom Allegedly Breached by Clop Ransomware via E-Business Suite 0-Day Hack
The Cl0p ransomware group has claimed responsibility for infiltrating Broadcom’s internal systems as part of an ongoing exploitation campaign targeting Oracle E-Business Suite vulnerabilities. According to threat intelli