ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Cisco fixed a critical flaw in its IOS XE Wireless Controller
<html><body><p>Cisco addressed a flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files. Cisco released software updates to address a vulnerability, tracked
Researchers Details macOS Remote Code Execution Vulnerability – CVE-2024-44236
<html><body><p>A critical remote code execution vulnerability identified in Apple’s macOS operating system, tracked as CVE-2024-44236. The vulnerability, which carries a high CVSS score of 7.8, could allow attackers to e
Detecting Vulnerable Commvault Environments Within Azure Using KQL Query
<html><body><p>Cybersecurity analysts are racing to respond to an active exploitation campaign targeting Commvault environments in Microsoft Azure through the recently identified CVE-2025-3928 vulnerability. This critica
Russian COLDRIVER Hackers Using LOSTKEYS Malware To Steal Sensitive Data
<html><body><p>Cybersecurity researchers have uncovered a sophisticated malware campaign attributed to the Russian threat actor COLDRIVER, also known as Star Blizzard or Callisto. The newly identified malware, dubbed LOS
Cisco IOS XE Wireless Controllers Vulnerability Enables Full Device Control for Attackers
<html><body><p>Cisco has disclosed a critical security vulnerability in its IOS XE Wireless LAN Controllers that could allow unauthorized attackers to gain complete control of affected devices. The flaw, assigned the max
Top Ransomware Actors Actively Attacking Financial Sector, 406 Incidents Publicly Disclosed
<html><body><p>The financial sector has emerged as a prime target for sophisticated ransomware operations, with a staggering 406 publicly disclosed incidents recorded between April 2024 and April 2025. These attacks have
Critical Open Source Easyjson Library Under Full Control of Russian Company
<html><body><p>A critical security revelation has sent shockwaves through the cybersecurity community as researchers uncovered that easyjson, a widely adopted open-source Go package central to JSON serialization processe
Hackers exploit OttoKit WordPress plugin flaw to add admin accounts
<html><body><p>Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. [...]</p></body></html>
SysAid ITSM Platform Vulnerabilities Allows Pre-authenticated Remote Command Execution
<html><body><p>A critical vulnerability chain in SysAid’s On-Premise IT Service Management (ITSM) platform that allows attackers to achieve pre-authenticated Remote Command Execution (RCE). The findings detail how multi
Canary Exploit tool allows to find servers affected by Apache Parquet flaw
<html><body><p>F5 Labs researchers released a PoC tool to find servers vulnerable to the Apache Parquet vulnerability CVE-2025-30065. A working proof-of-concept exploit for the critical Apache Parquet vulnerability CVE-2
CISA warns of hackers targeting critical oil infrastructure
<html><body><p>CISA warned critical infrastructure organizations of "unsophisticated" threat actors actively targeting the U.S. oil and natural gas sectors. [...]</p></body></html>
Critical AWS Amplify Studio Vulnerability Let Attackers Execute Arbitrary Code
<html><body><p>A critical security vulnerability in AWS Amplify Studio has been identified, potentially allowing authenticated users to execute arbitrary JavaScript code during component rendering and build processes. A
IBM Cognos Analytics Vulnerability Let Attackers Upload Malicious Files
<html><body><p>IBM has issued a critical security advisory warning of two high-severity vulnerabilities affecting its Cognos Analytics platform that could allow attackers to upload malicious files and execute code on aff
Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
<html><body><p>Elastic has disclosed a critical security vulnerability in Kibana, its popular data visualization platform, that could allow attackers to execute arbitrary code. The vulnerability, identified as CVE-2025-
Mirai Botnet Actively Exploiting GeoVision IoT Devices Command Injection Vulnerabilities
<html><body><p>The cybersecurity landscape has once again been disrupted by the resurgence of the notorious Mirai botnet, which has been actively exploiting command injection vulnerabilities in discontinued GeoVision Int
Chrome Security Patch Addresses WebAudio Vulnerability Allowing Code Execution
<html><body><p>Google has released a critical security update for Chrome, addressing a vulnerability that could allow attackers to execute malicious code through the browser’s WebAudio component. According to an announc
UK critical systems at risk from ‘digital divide’ created by AI threats
<html><body><p>GCHQ’s National Cyber Security Centre warns that a growing ‘digital divide’ between organisations that can keep pace with AI-enabled threats and those that cannot is set to heighten the UK's overall cyber
Apache Parquet exploit tool detect servers vulnerable to critical flaw
<html><body><p>A proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. [...]</p></body></html>
Initial Access Brokers Plays a Vital Role Modern Ransomware Attacks
<html><body><p>In today’s evolving cyberthreat landscape, Initial Access Brokers (IABs) have emerged as critical facilitators in the ransomware attack chain. These specialized cybercriminals focus exclusively on breachin
Critical Langflow RCE flaw exploited to hack AI app servers
<html><body><p>The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitiga