ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Gov.uk One Login yet to meet government cyber security standards for critical public services
<html><body><p>The government’s flagship digital identity system still does not fully conform to key national security standards three years after launch, while questions remain over whether historic security problems ha
When Satellites Go Dark – Persistent Cyber Assaults and The Growing Blind Spot
<html><body><p>In the cold vastness of space, thousands of satellites orbit silently, providing critical infrastructure for global communications, navigation systems, and military operations. Yet these silent sentinels h
Critical Linux Kernel Vulnerability Exposes Systems to Privilege Escalation Attacks
<html><body><p>A significant vulnerability in the Linux kernel’s Virtual Socket (vsock) implementation, designated as CVE-2025-21756, has been identified that could allow local attackers to escalate privileges to root le
CISA Issues Warning on Commvault Web Server Flaw Exploited in the Wild
<html><body><p>CISA has issued a new security warning about a critical vulnerability affecting the Commvault Web Server, built into one of the industry’s leading data protection platforms. Assigned CVE-2025-3928, the fla
SAP NetWeaver 0-Day Vulnerability Exploited in the Wild to Deploy Webshells
<html><body><p>SAP released an emergency out-of-band patch addressing CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer with the highest possible CVSS score of 10.0. This vulnerability s
SEIKO EPSON Printer Vulnerabilities Let Attackers Execute Arbitrary Code
<html><body><p>A critical security vulnerability in SEIKO EPSON printer drivers for Windows has been identified, allowing malicious actors to execute arbitrary code with SYSTEM-level privileges. The vulnerability, track
China Claims that the US Attacked a Major Encryption Provider & Stole Sensitive Data
<html><body><p>China claims that the United States conducted a targeted cyberattack against one of its leading commercial encryption providers. A newly released report from China’s National Computer Network Emergency Re
A large-scale phishing campaign targets WordPress WooCommerce users
<html><body><p>A large-scale phishing campaign targets WordPress WooCommerce users with a fake security alert urging them to download a ‘critical patch’ hiding a backdoor. Patchstack researchers uncovered a large-scale p
Ransomware Defense Playbook for CISOs in 2025
<html><body><p>Ransomware has evolved into one of the most formidable threats to organizations worldwide, and 2025 marks a new era of both complexity and consequence. Attackers are no longer lone hackers but sophisticate
Assessing Third-Party Vendor Risks – CISO Best Practices
<html><body><p>Third-party vendors are indispensable to modern enterprises, offering specialized services, cost efficiencies, and scalability. However, they also introduce significant cybersecurity risks that can comprom
FastCGI Library Vulnerability Exposes Embedded Devices to Code Execution Attacks
<html><body><p>A critical vulnerability in the FastCGI library could allow attackers to execute arbitrary code on embedded devices. The flaw, tracked as CVE-2025-23016 with a CVSS score of 9.3, affects all FastCGI fcgi2
CISA Warns Planet Technology Network Products Let Attackers Manipulate Devices
<html><body><p>The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory warning of multiple high-severity vulnerabilities in Planet Technology network products that could allow attackers
New iOS Critical Vulnerability That Could Brick iPhones With a Single Line of Code
<html><body><p>A critical vulnerability in iOS could allow malicious applications to disable iPhones with just a single line of code permanently. The vulnerability, assigned CVE-2025-24091, leverages the operating system
400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild
<html><body><p>Security researchers have identified 454 SAP NetWeaver systems vulnerable to a critical zero-day vulnerability that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-31324, al
Critical IXON VPN Vulnerabilities Let Attackers Gain Access to Windows & Linux Systems
<html><body><p>A recent security assessment by Shelltrail has uncovered three critical vulnerabilities in the IXON VPN client, potentially allowing attackers to escalate privileges on both Windows and Linux systems. Iden
Navigating Cybersecurity Frameworks – CISO Resource Guide
<html><body><p>The role of the Chief Information Security Officer (CISO) has never been more critical. As organizations face a rapidly evolving threat landscape, CISOs must defend against cyberattacks and ensure complian
Building Trust Through Transparency – CISO Cybersecurity Practices
<html><body><p>In an era of digital transformation and rising cyber threats, Building Trust Through Transparency has become a critical mission for the Chief Information Security Officer (CISO), who has evolved from a tec
WooCommerce admins targeted by fake security patches that hijack sites
<html><body><p>A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a "critical patch" that adds a Wordpress backdoor to the site. [...]</p></body></html>
How To Build A Data Center Security Strategy For 2025 And Beyond
<html><body><p>As the world becomes increasingly reliant on digital infrastructure, data centers have evolved into the backbone of business operations, cloud services, and critical government functions. With projections
Critical Craft CMS RCE 0-Day Vulnerability Exploited in Attacks to Steal Data
<html><body><p>According to security researchers at CERT Orange Cyberdefense, a critical remote code execution (RCE) vulnerability in Craft CMS is actively being exploited to breach servers and steal data. The vulnerabil