ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Samsung MagicINFO 9 Server Vulnerability Exploited in the Wild
<html><body><p>A critical security vulnerability in Samsung’s digital signage management platform has moved from theoretical risk to active threat as attackers begin exploiting it in real-world attacks. CVE-2024-7399, a
New GPOHound Tool To Analyze Group Policy in Active Directory For Privilege Escalation Paths
<html><body><p>The new GPOHound is a powerful new open-source tool designed to analyze Group Policy Objects (GPOs) in Active Directory environments for privilege escalation vulnerabilities and misconfigurations. The too
CISA Warns of Langflow Missing Authentication Vulnerability Exploited in Attacks
<html><body><p>CISA has added a critical Langflow vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, identified as CVE-2025-3248, a
Critical Microsoft Telnet 0-Click Vulnerability Exposes Windows Credentials
<html><body><p>A critical vulnerability in Microsoft Telnet Server enables attackers to bypass authentication completely, potentially gaining administrator access without valid credentials. Organizations running legacy W
MediaTek Patches Multiple Vulnerabilities Affecting Tablets, Smartphones & TV Chipsets
<html><body><p>MediaTek has released critical security patches addressing six significant vulnerabilities affecting a wide range of devices powered by their chipsets. The vulnerabilities, disclosed in the company’s May
xAI Dev Leaked API Key on GitHub for Private SpaceX, Tesla & Twitter/X
<html><body><p>A significant security lapse occurred at Elon Musk’s artificial intelligence company xAI, where a developer inadvertently leaked a private API key on GitHub that remained accessible for nearly two months.
Iranian Hackers Breaches Critical National Infrastructure With multiple Webshells & Backdoors
<html><body><p>A sophisticated cyber intrusion targeting critical national infrastructure in the Middle East has been uncovered, with evidence pointing to an Iranian state-sponsored threat group. The attack, which persis
North Korean Hacker Tries to Breach Kraken Platform by Submitting Job Application
<html><body><p>Cryptocurrency exchange Kraken recently uncovered a sophisticated infiltration attempt by a North Korean hacker who applied for an engineering position at the company. Instead of immediately rejecting the
New SonicBoom Attack Allows Bypass of Authentication for Admin Access
<html><body><p>A critical new attack chain, dubbed “SonicBoom,” that enables remote attackers to bypass authentication and seize administrative control over enterprise appliances, including SonicWall Secure Mobile Access
Apache Parquet Java Vulnerability Let Attackers Execute Arbitrary Code
<html><body><p>A new critical security vulnerability in Apache Parquet Java has been disclosed that could allow attackers to execute arbitrary code through specially crafted Parquet files. The vulnerability, tracked as
Critical Webmin Vulnerability Let Remote Attackers Escalate Privileges to Root-Level
<html><body><p>A critical security vulnerability in Webmin, a widely-used web-based system administration tool, has been discovered, allowing remote attackers to escalate privileges and execute code with root-level acces
CISA Warns of KUNBUS Auth Bypass Vulnerabilities Exposes Systems to Remote Attacks
<html><body><p>CISA has issued an urgent advisory highlighting critical vulnerabilities in KUNBUS GmbH’s Revolution Pi industrial automation devices. These flaws, which include authentication bypass and remote code execu
How to Configure Email Security With DMARC, SPF, And DKIM
<html><body><p>Email is a critical business communication tool, but it is also a primary target for cybercriminals who exploit its openness to launch phishing attacks, impersonate brands, and distribute malware. To count
Threat Actors Attacking Critical National Infrastructure With New Malware and Infrastructure
<html><body><p>A sophisticated cyber intrusion targeting critical national infrastructure (CNI) in the Middle East has been uncovered, revealing a long-term espionage operation attributed to an Iranian state-sponsored th
ANY.RUN Unveils Q1 2025 Malware Trends Report, Highlighting Evolving Cyber Threats
<html><body><p>ANY.RUN, a leading cybersecurity firm, has released its Q1 2025 Malware Trends Report, offering critical insights into the dynamic cyber threat landscape. Drawing from data analyzed by 15,000 companies and
macOS Sandbox Escape Vulnerability Allows Keychain Deletion and Replacement
<html><body><p>A security vulnerability in macOS has been discovered. It allows malicious actors to escape the App Sandbox protection by manipulating security-scoped bookmarks. Tracked as CVE-2025-31191, this vulnerabil
CISA Releases ICS Advisories Targeting Vulnerabilities & Exploits
<html><body><p>The Cybersecurity and Infrastructure Security Agency (CISA) has released two Industrial Control Systems (ICS) advisories today, addressing critical security vulnerabilities that could potentially impact mu
CISA Warns of Apache HTTP Server Escape Vulnerability Exploited in the Wild
<html><body><p>The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-38475, a critical vulnerability affecting Apache HTTP Server, to its Known Exploited Vulnerabilities (KEV) catalog. This vuln
Why CISOs Need to Rethink Endpoint Security in 2025
<html><body><p>In 2025, as the digital world grows increasingly interconnected and the line between corporate and personal tech fades, Endpoint Security for CISOs becomes more critical than ever. Chief Information Securi
Packet Analysis Optimization Advanced Protocols For Cybersecurity Analysts
<html><body><p>Packet analysis is a fundamental discipline within cybersecurity, providing critical insights into the behavior of networked systems and the activities of users and potential adversaries. As enterprise net