ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Russian Hackers Attempting to Sabotage The Digital Control System of a Dutch Public Service
<html><body><p>In a concerning development that marks a significant escalation in cyber warfare tactics, Russian hackers have been detected attempting to infiltrate and sabotage the digital control system of a critical D
SAP fixes critical Netweaver flaw exploited in attacks
<html><body><p>SAP has released out-of-band emergency updates for NetWeaver to fix an actively exploited remote code execution (RCE) vulnerability used to hijack servers. [...]</p></body></html>
Microsoft’s Symlink Patch Created New Windows DoS Vulnerability
<html><body><p>A recent Microsoft security update, intended to patch a critical privilege escalation vulnerability, has inadvertently introduced a new and significant flaw. The fix now enables non-administrative users t
Lazarus APT Attacking Organizations by Exploiting One-Day vulnerabilities
<html><body><p>Cybersecurity experts have identified a sophisticated campaign by the North Korean state-sponsored Lazarus APT group targeting critical infrastructure and financial organizations worldwide. The threat acto
ToyMaker Hackers Compromised Multitude Hosts Using SSH & File Transfer Tools
<html><body><p>In 2023, cybersecurity experts uncovered an extensive compromise in critical infrastructure enterprises by a sophisticated threat actor group. This initial access broker, dubbed “ToyMaker,” systematically
Linux io_uring Security Blind Spot Let Attackers Stealthily Deploy Rootkits
<html><body><p>A critical vulnerability exists in Linux’s security framework, revealing that many runtime security tools struggle to detect threats operating via the io_uring interface. This discovery exposes a critical
Citrix NetScaler Console Vulnerability Enables Admin Access – PoC Released
<html><body><p>A critical vulnerability in Citrix NetScaler Console allows complete unauthenticated administrative access despite being initially classified as merely a “sensitive information disclosure” issue. The proo
Zyxel RCE Vulnerability Allows Arbitrary Query Execution Without any Authentication
<html><body><p>A critical vulnerability in Zyxel’s FLEX-H Series devices that enables attackers to execute arbitrary database queries and gain remote code execution capabilities without requiring authentication. The fla
Cisco Confirms Multiple Products Impacted by Erlang/OTP SSH Server RCE Vulnerability
<html><body><p>Cisco Systems has issued a critical security advisory confirming that multiple products across its portfolio are affected by a remote code execution (RCE) vulnerability in the Erlang/OTP SSH server (CVE-20
Commvault RCE Vulnerability Let Attackers Breach the Vault – PoC Released
<html><body><p>A critical pre-authenticated Remote Code Execution (RCE) vulnerability affecting Commvault’s backup and data protection platform. The vulnerability, tracked as CVE-2025-34028, could allow attackers to com
Critical Langflow Vulnerability Allows Malicious Code Injection – Technical Details Revealed
<html><body><p>Cybersecurity researchers have uncovered a critical remote code execution (RCE) vulnerability in Langflow, an open-source platform widely used for visually composing AI-driven agents and workflows. Designa
GitLab Security Update – Patch for XSS, DoS & Account Takeover Vulnerabilities
<html><body><p>GitLab has released critical security patches addressing multiple high-severity vulnerabilities in its platform, highlighting robust security measures amid increasing cyber threats. The company has issued
SonicWall SSLVPN Vulnerability Let Remote Attackers to Crash Firewall Appliances
<html><body><p>SonicWall has disclosed a critical security vulnerability in its SSLVPN service that allows unauthenticated remote attackers to crash affected firewall appliances, potentially causing significant disruptio
Challenges persist as UK’s Cyber Security and Resilience Bill moves forward
<html><body><p>Elements of the proposed Cyber Security and Resilience Bill are welcome but questions remain about how best to act in the face of persistent challenges like geopolitical chaos, threats to critical infrastr
Microsoft to Offer Rewards Up to $30,000 for AI Vulnerabilities
<html><body><p>Microsoft has launched an expanded bug bounty program offering rewards of up to $30,000 for researchers who identify critical vulnerabilities in AI systems within its Dynamics 365 and Power Platform produc
Beyond Compliance – How VPs of Security Drive Strategic Cybersecurity Initiatives
<html><body><p>In an era where cyber threats evolve faster than regulatory frameworks, Vice Presidents (VPs) of Security are redefining their roles from compliance enforcers to strategic business leaders. While adherence
Critical Commvault RCE Vulnerability Lets Remote Attackers Execute Arbitrary Code
<html><body><p>A significant security vulnerability (CVE-2025-34028) has been discovered in Commvault Command Center Innovation Release, enabling unauthenticated attackers to execute arbitrary code remotely. The vulnerab
Regulating AI Behavior with a Hypervisor
<html><body><p>Interesting research: “<a href="https://arxiv.org/abs/2504.15499">Guillotine: Hypervisors for Isolating Malicious AIs</a>.”</p> <blockquote><p><b>Abstract</b>:As AI models become more embedded in critical
Critical Vulnerabilities in Browser Wallets Let Attackers Drain your Funds
<html><body><p>Significant vulnerabilities in popular browser-based cryptocurrency wallets enable attackers to steal funds without any user interaction or approval. These critical flaws, discovered in wallets including
FireEye EDR Agent Vulnerability Let Attackers Inject Malicious Code
<html><body><p>A significant vulnerability in the FireEye Endpoint Detection and Response (EDR) agent that could allow attackers to inject malicious code and render critical security protections ineffective. The vulnerab