ARTICLE SEARCH
Threat Feed Query
Search all aggregated security articles by keywords, CVE IDs, and sources.
Kimsuky Hackers Exploiting RDP & MS Office Vulnerabilities in Targeted Attacks
A sophisticated Advanced Persistent Threat (APT) operation named Larva-24005, linked to the notorious Kimsuky threat group, has been discovered actively exploiting critical vulnerabilities in Remote Deskto
GitHub Enterprise Server Vulnerabilities Allows Arbitrary Code Execution
GitHub has issued urgent security updates for its Enterprise Server product after discovering multiple high-severity vulnerabilities, including a critical flaw (CVE-2025-3509) that allows attackers to exec
Cyber Security News Letter: Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, where we provide the latest updates and critical insights from the swiftly changing realm of cybersecurity. This edition focuses on new threats and the evolv
Public exploits released for critical Erlang/OTP SSH flaw, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to remotely execute code on impacted devices. [...]
Hackers Actively Exploiting Critical Exchange & SharePoint Server Vulnerabilities
Microsoft has warned organizations worldwide that threat actors are ramping up their exploitation of critical vulnerabilities in on-premises Exchange Server and SharePoint Server. These attacks, observed i
Detecting And Responding To New Nation-State Persistence Techniques
Nation-state cyber threats have evolved dramatically over the past decade, with attackers employing increasingly sophisticated persistence techniques to maintain long-term access within targeted environmen
ASUS warns of critical auth bypass flaw in routers using AiCloud
ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. [...]
Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released
A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain root a
Global Zoom Outage Caused by Server Block Imposed from GoDaddy Registry
On April 16, 2025, millions of users worldwide found themselves unable to access Zoom, the widely used video conferencing platform, due to a critical outage that lasted nearly two hours. The disruption, wh
How to Use Passive DNS To Trace Hackers Command And Control Infrastructure
Passive DNS has emerged as a critical tool for cybersecurity professionals seeking to identify and track malicious command and control (C2) infrastructure. By creating a historical record of DNS activities
Researchers Uncovered The Stealthy StrelaStealer Malware Tactics, Techniques, and Procedures
This malicious software specifically targets email credentials from popular clients such as Microsoft Outlook and Mozilla Thunderbird, creating significant security risks for organizations worldwide. The m
Web Server Hardening Best Practices For Organizations Across Industries
Web server hardening is a critical security process that reduces an organization’s attack surface and helps defend against ransomware, malware, and other cyberthreats. In today’s threat landscape, web serv
U.S DOGE Allegedly Hacked – Fed Whistleblower Leaked Most Disturbing Documents
A federal whistleblower, “Daniel Berulis”, a senior DevSecOps architect, has allegedly sent an affidavit document of a U.S DOGE significant data breach at the National Labor Relations Board (NLRB), claiming t
CISA Warns of Multiple Apple 0-day Vulnerabilities Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding multiple Apple 0-day vulnerabilities currently being actively exploited in targeted attacks. These critic
PoC Exploit Released for Erlang/OTP SSH Remote Code Execution Vulnerability
A critical remote code execution vulnerability in Erlang/OTP’s SSH implementation has security teams scrambling to patch affected systems after researchers confirmed the development of a proof-of-concept e
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now
A critical vulnerability in the Erlang/OTP SSH, tracked as CVE-2025-32433, has been disclosed that allows for unauthenticated remote code execution on vulnerable devices. [...]
CrazyHunter Hacker Group Using Open-Source Tools from GitHub to Attack Organizations
A sophisticated ransomware group known as CrazyHunter has emerged as a significant threat to organizations, particularly those in Taiwan’s critical infrastructure sectors. This newly identified threat acto
43% Top 100 Enterprise-Used Mobile Apps Opens Door for Hackers to Access Sensitive Data
A recent comprehensive security audit has revealed that 43% of the top 100 mobile applications used in enterprise environments contain critical vulnerabilities that could allow malicious actors to access s
Critical Erlang/OTP SSH Vulnerability Allows Unauthenticated Remote Code Execution
A critical vulnerability in the Erlang/Open Telecom Platform (OTP) SSH implementation that allows attackers to execute arbitrary code without authentication. The flaw, tracked as CVE-2025-32433, has been
Critical PHP’s extract() Function Vulnerability Allows Arbitrary Code Execution
A critical vulnerability in PHP’s extract() function enables attackers to trigger memory corruption that can lead to arbitrary native code execution across multiple PHP versions. The vulnerability stems f