ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Microsoft 365 Outage – Admins are Unable to Access the Microsoft 365 Admin Center
<html><body><p>Microsoft 365 administrators faced significant challenges today as an ongoing outage prevented access to the Microsoft 365 Admin Center and the Exchange Admin Center (EAC). The issue, reported by the offic
Microsoft Disables ActiveX by Default in 365 to Block Malware Execution by Hackers
<html><body><p>Microsoft has taken a critical step to enhance security across its productivity suite by disabling ActiveX controls by default in Microsoft 365 applications. This significant security update, which began
Critical Apache Roller flaw allows to retain unauthorized access even after a password change
<html><body><p>A critical flaw (CVE-2025-24859, CVSS 10) in Apache Roller lets attackers keep access even after password changes. All versions ≤6.1.4 are affected. A critical vulnerability, tracked as CVE-2025-24859 (CVS
Securing Critical Infrastructure – Lessons From Recent Cyber Attacks
<html><body><p>As we move further into 2025, the cybersecurity landscape continues to evolve with alarming sophistication, particularly in attacks targeting critical infrastructure. The surge in cyberattacks on essential
Hertz Data Breach – Customer Personal Information Stolen by Hackers
<html><body><p>Hertz Corporation has confirmed a significant data breach affecting customers of its Hertz, Dollar, and Thrifty brands, where hackers exploited critical security vulnerabilities to access sensitive custome
100,000+ Installed WordPress Plugin Critical Vulnerability Exploited Within 4 Hours of Disclosure
<html><body><p>A severe vulnerability in the popular WordPress plugin SureTriggers has been actively exploited within just four hours of its public disclosure on April 10, 2025. The critical authentication bypass flaw a
Apache Roller Vulnerability Let Attackers Gain Unauthorized Access
<html><body><p>A critical security vulnerability in Apache Roller has been discovered, allowing attackers to maintain unauthorized access to blog systems even after password changes. The vulnerability, CVE-2025-24859, h
Gladinet flaw CVE-2025-30406 actively exploited in the wild
<html><body><p>Huntress reports active exploitation of Gladinet CVE-2025-30406 in the wild, affecting seven organizations and 120 endpoints. Security researchers at Huntress warn of attacks in the wild exploiting a criti
Third-Party Risk Management – How to Build a Strong TPRM Program
<html><body><p>In today’s interconnected business environment, organizations increasingly rely on third-party vendors, suppliers, and partners to deliver critical services and functions. While these relationships drive e
The Rise of Cyber Insurance – What CISOs Need to Consider
<html><body><p>As we move through 2025, Chief Information Security Officers (CISOs) face an increasingly complex threat landscape characterized by sophisticated ransomware attacks, evolving regulatory requirements, and e
How to Integrate Security into Agile Dev Teams
<html><body><p>In today’s rapidly evolving digital landscape, integrating security into agile development processes has become a critical imperative rather than a mere afterthought. The traditional approach of addressing
China Reportedly Admits Their Role in Cyber Attacks Against U.S. Infrastructure
<html><body><p>Chinese officials have implicitly acknowledged responsibility for a series of sophisticated cyber intrusions targeting critical U.S. infrastructure. During a high-level meeting in Geneva with American offi
Chinese Hackers Attacking Critical Infrastructure to Sabotage Networks
<html><body><p>In an alarming escalation of cyber threats, Chinese state-sponsored hackers have intensified their operations targeting critical infrastructure across the United States, Europe, and the Asia-Pacific region
69% of Critical & High Severity Vulnerabilities Not Patched by Organizations
<html><body><p>A recent report, the “2025 State of Pentesting Report,” highlights a troubling issue in cybersecurity. It reveals that organizations are only dealing with 69% of their most serious security weaknesses. Thi
Windows Server 2025 Restart Bug Breaks Connection with Active Directory Domain Controller
<html><body><p>Microsoft has warned IT administrators about a critical issue affecting Windows Server 2025 domain controllers. Following a system restart, these servers may fail to manage network traffic correctly, poten
CISOs Face Cyber Threats 2025 with Shrinking Budgets and High Demands
<html><body><p>Chief Information Security Officers (CISOs) find themselves at the intersection of escalating threats, tighter budgets, and rising expectations. This year marks a pivotal moment for CISOs as they adapt to
Chinese Hackers Exploit Ivanti VPN Vulnerabilities to Infiltrate Organizations
<html><body><p>A China-linked advanced persistent threat (APT) group has exploited critical vulnerabilities in Ivanti Connect Secure VPN appliances to infiltrate organizations across 12 countries and 20 industries, cyber
What’s the government up to with digital verification services? ‘ID’ like to know
<html><body><p>Is the government really looking to compete with the private sector for provision of digital identity? Such a move risks fundamentally undermining public trust in critical digital verification services</p>
Threat Actors Actively Attacking Semiconductor Companies With 0-Day Exploits
<html><body><p>In a concerning development for the global technology supply chain, sophisticated threat actors have launched a coordinated campaign exploiting previously unknown vulnerabilities in critical semiconductor
Stopping attacks against on-premises Exchange Server and SharePoint Server with AMSI
<html><body><p>Exchange Server and SharePoint Server are business-critical assets and considered crown-jewels for many organizations, making them attractive targets for attacks. To help customers protect their environmen