ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Microsoft Releases KB5089573 for Windows 11 to Fix Patch Tuesday Install Issues
Microsoft has rolled out a new cumulative update, KB5089573, for Windows 11 versions 25H2 and 24H2, targeting a critical installation failure that affected users following the May 2026 Patch Tuesday release. The update b
[Low] CVE-2026-4387 – StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on M...
Low CVE-2026-4387 StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a pe
Microsoft hits out over irresponsible vulnerability disclosure
<p><a href="https://www.microsoft.com/en-us/msrc/blog/2026/05/a-shared-responsibility-protecting-customers-through-coordinated-vulnerability-disclosure" target="_blank" rel="noopener">Microsoft has hit back</a> after a d
Microsoft Calls the Zero-Day Dumps Irresponsible. The Researcher Says Microsoft Started It.
A researcher dropped 6 Windows zero-days with no warning. Three are now exploited in the wild. Microsoft is angry. The researcher says Microsoft ignored them first. Over the past month, a researcher going by Chaotic Ecli
Google Chrome und Microsoft Edge: Mehrere Schwachstellen
In Google Chrome und Microsoft Edge existieren mehrere Schwachstellen. Ein Angreifer kann diese Schwachstellen ausnutzen, um Schadcode auszuführen, einen Programmabsturz zu verursachen oder andere, nicht näher beschriebe
MicrosoftSystem64 Malware Uses HuggingFace Datasets for Stealthy Data Exfiltration
A newly discovered malware called MicrosoftSystem64 has been quietly stealing data from infected computers by routing stolen files through HuggingFace, the popular AI platform used by researchers and developers worldwide
YellowKey-Exploit liest BitLocker-Volumes im Klartext aus
Der YellowKey-Exploit hebelt BitLocker über die Windows-Wiederherstellungsumgebung aus und ermöglicht Klartext-Zugriff auf verschlüsselte Laufwerke mit USB-Stick und Neustart. Microsoft führt die Lücke unter CVE-2026-4
Hackers Exploit Microsoft Teams’ Collaboration Features to Impersonate IT Helpdesk Staff
A growing wave of vishing (voice phishing) campaigns in which threat actors abuse Microsoft Teams’ external collaboration features to impersonate IT helpdesk personnel and investigators is now turning to the Microsoft 36
Sechs Zero-Days in sechs Wochen offengelegt: Microsoft reagiert mit Drohung
Microsoft hadert mit veröffentlichten Beweisen ungepatchter Sicherheitslücken. Der Konzern droht jetzt rechtliche Schritte an.
Resecurity Supports Microsoft DCU in Disrupting Fox Tempest ’s Cybercriminal Code-Signing Ecosystem
Microsoft and Resecurity disrupted Fox Tempest, a malware-signing service that used fake Microsoft certificates to make malware look legitimate. Resecurity supported Microsoft’s Digital Crimes Unit (DCU) in its disruptio
The Gentlemen ransomware: Dissecting a self-propagating Go encryptor
Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by affiliates of Storm-2697 that combines per-file ephemeral key encryption with an aggressive self-propaga
Sicherheitsupdate: Veeam Backup & Replication unter Linux und Windows angreifbar
Schwachstellen gefährden Veeam Agent for Microsoft Windows und Veeam Software Appliance auf Linux-Servern.
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an opportunity to better understand the impact and a
Microsoft Warns Public Release of Zero-Day Details Before Vendor Coordination
Microsoft has issued a strong warning after multiple zero-day vulnerabilities were publicly disclosed without prior coordination, raising concerns about increased risk to users and enterprise environments. The company st
C# 16: Microsoft plant strengere Regeln für unsicheren Code
Microsoft überarbeitet das unsafe-Modell von C# nach dem Vorbild von Rust. Das Ziel: Weniger Speicherfehler und damit auch weniger Sicherheitslücken.
Microsoft patcht hochriskante SharePoint-Lücke
Microsoft schließt mit Updates für SharePoint-Server ein Sicherheitsleck. Die geschlossene Lücke erlaubt Einschmuggeln von Schadcode.
CVE-2026-46402 - Microsoft UFO uses untrusted task_name in log paths, allowing authenticated path traversal and log file creation outside the logs directory
CVE ID :CVE-2026-46402 Published : May 27, 2026, 11:16 p.m. | 1 hour, 53 minutes ago Description :Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, M
CVE-2026-46414 - Microsoft UFO WebSocket role spoofing allows authenticated peer task hijacking
CVE ID :CVE-2026-46414 Published : May 27, 2026, 11:16 p.m. | 1 hour, 53 minutes ago Description :Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, M
[High] CVE-2026-45108 – Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune...
High CVE-2026-45108 Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Author
CVE-2026-45108 - Himmelblau: Authentication Bypass via Cross-User Local Session Impersonation in Device Authorization Grant (DAG) Flow
CVE ID :CVE-2026-45108 Published : May 27, 2026, 8:16 p.m. | 53 minutes ago Description :Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himme