ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
33,000 Employee Records Leaked from Tech Service Provider Without Authentication
<html><body><p>A major data security incident has been uncovered where sensitive information of over 33,000 employees was exposed due to unsecured API endpoints. CloudSEK’s BeVigil security platform discovered that a pr
Agent Tesla Malware Employs Multi-Stage Attacks Using PowerShell Scripts
<html><body><p>Security researchers have identified a sophisticated malware campaign utilizing Agent Tesla variants delivered through elaborate multi-stage attack sequences. The malware operation, discovered in mid-April
CISA Warns of SonicWall Command Injection Vulnerability Exploited in Wild
<html><body><p>The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical SonicWall vulnerability that is actively being exploited by threat actors. On April 16, 2025, CI
Cisco Webex Vulnerability Allows Code Execution via Weaponized Meeting Links
<html><body><p>A critical vulnerability in Cisco Webex App that could allow attackers to execute malicious code on target systems through specially crafted meeting invitation links. The high-severity flaw, tracked as CV
2 Apple Iphone Zero-Day Vulnerabilities Actively Exploited in Extremely Sophisticated Attacks
<html><body><p>Apple has released iOS 18.4.1 and iPadOS 18.4.1 to address two critical zero-day vulnerabilities that were actively exploited in highly targeted, sophisticated attacks against specific individuals iPhone.
New Windows TaskManager Vulnerabilities Allows Command Execution as SYSTEM User
<html><body><p>Critical Windows TaskManager involving schtasks.exe binary, which could enable malicious actors to execute commands with SYSTEM-level privileges, bypassing User Account Control (UAC) prompts and erasing au
The Psychology of Social Engineering – What Security Leaders Should Know
<html><body><p>Social engineering remains one of the most persistent threats to organizational security because it targets human psychology rather than technological vulnerabilities. Unlike conventional cyber threats tha
Hackers Exploiting NTLM Spoofing Vulnerability in Wild to Compromise Systems
<html><body><p>Cybercriminals have been actively exploiting a critical vulnerability in Windows systems, identified as CVE-2025-24054. This vulnerability leverages NTLM hash disclosure through spoofing techniques. This v
Dell Alienware Command Center Vulnerability Let Attackers Escalate Privileges
<html><body><p>Dell Technologies has released a critical security update to address a significant vulnerability in its Alienware Command Center software that could allow attackers to gain elevated privileges on affected
CISA extends funding to ensure 'no lapse in critical CVE services'
<html><body><p>CISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program. [...]</p></body></html>
Hacktivist Turns More Sophisticated Targeting Critical Infrastructure to Deploy Ransomware
<html><body><p>Hacktivist groups are rapidly evolving beyond their traditional tactics of DDoS attacks and website defacements into far more sophisticated operations targeting critical infrastructure and deploying ransom
New Threats Every CISO Should Watch in 2025
<html><body><p>As we move deeper into 2025, new threats for CISOs are emerging in an increasingly sophisticated landscape, requiring heightened vigilance and strategic preparation. The convergence of advanced technologie
Oracle Security Update – Patch for 378 Vulnerabilities Including Remote Exploits
<html><body><p>Oracle released its April 2025 Critical Patch Update (CPU), addressing 378 new security vulnerabilities across its extensive product portfolio. The quarterly security update, announced on Wednesday, contai
Chinese UNC5174 Actors Added New Open Source Tool & C2 Infrastructure to Their Arsenal
<html><body><p>Cybersecurity researchers have uncovered a significant evolution in the tactics of the Chinese threat group UNC5174, which has incorporated a new open-source tool and command-and-control (C2) infrastructur
Why Threat Intelligence is Crucial for Modern Cyber Defense
<html><body><p>As cyberattacks become more sophisticated and frequent, organizations face unprecedented risks to their digital assets, reputations, and operational continuity. Cybercrime costs are rising rapidly, undersc
MITRE warns that funding for critical CVE program expires today
<html><body><p>MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead
Windows 11 Escalation Vulnerability Let Attackers Gain Admin Access Within 300 Milliseconds
<html><body><p>A critical vulnerability in Windows 11 allowed attackers to escalate from a low-privileged user to full system administrator rights in just 300 milliseconds. The vulnerability, tracked as CVE-2025-24076,
Funding Expires for Key Cyber Vulnerability Database
<html><body><p>A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, n
Critical Chrome Vulnerability Let Attackers Steal Data & Gain Unauthorized Access
<html><body><p>Google has issued an urgent security update for its Chrome browser after two critical vulnerabilities were discovered. These vulnerabilities could allow attackers to steal sensitive data and gain unauthori
MITRE’s Support for CVE Program Set to Expire! – Internal Letter Leaked Online
<html><body><p>A letter from MITRE, dated April 15, 2025, has leaked online claimed to be revealed from a reliable source that the organization’s contract to support the Common Vulnerabilities and Exposures (CVE) program