ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day
Microsoft Patch Tuesday security updates for August 2025 fixed 107 flaws, including a publicly disclosed Windows Kerberos zero-day. Microsoft Patch Tuesday security updates for August 2025 fixed 107 vulnerabilities in Wi
Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs
Dutch NCSC warns CVE-2025-6543 Citrix bug, a memory overflow flaw, is being exploited to breach critical organizations in the Netherlands. The Dutch NCSC warns that the critical Citrix NetScaler flaw CVE-2025-6543 has be
Microsoft August 2025 Patch Tuesday fixes one zero-day, 107 flaws
Today is Microsoft's August 2025 Patch Tuesday, which includes security updates for 107 flaws, including one publicly disclosed zero-day vulnerability in Windows Kerberos. [...]
NCSC Warns of Citrix Netscaler Vulnerability CVE-2025-6543 Exploited to Breach Orgs
The Dutch National Cyber Security Centre (NCSC-NL) has issued an urgent warning about sophisticated cyberattacks targeting critical infrastructure through a zero-day vulnerability in Citrix NetScaler devices. The vulnera
Details emerge on WinRAR zero-day attacks that infected PCs with malware
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop different malware pay
WinRAR 0-Day in Phishing Attacks to Deploy RomCom Malware
A critical zero-day vulnerability has been identified in WinRAR that cybercriminals are actively exploiting through sophisticated phishing campaigns to distribute RomCom malware. The flaw, designated as CVE-2025-8088, r
Phishing attacks exploit WinRAR flaw CVE-2025-8088 to install RomCom
WinRAR flaw CVE-2025-8088, fixed in v7.13, was exploited as a zero-day in phishing attacks to install RomCom malware. The WinRAR flaw CVE-2025-8088, a directory traversal bug fixed in version 7.13, was exploited as a zer
BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data
Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access to extract all protected data from encrypted devices i
WinRAR zero-day flaw exploited by RomCom hackers in phishing attacks
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. [...]
SonicWall dismisses zero-day fears after Ransomware probe
SonicWall found no evidence of a new vulnerability after probing reports of a zero-day used in ransomware attacks. SonicWall investigated claims of a zero-day being used in ransomware attacks but found no evidence of any
SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability
Cybersecurity firm SonicWall has officially addressed recent concerns about a potential new zero-day vulnerability in its Secure Sockets Layer Virtual Private Network (SSLVPN) products. In a statement to Cybersecurity Ne
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw. [...]
HashiCorp Vault 0-Day Vulnerabilities Let Attackers Execute Remote Code
Security researchers uncovered a series of critical zero-day vulnerabilities in HashiCorp Vault in early August 2025, the widely adopted secrets management solution. These flaws, spanning authentication bypasses, policy
Sophisticated DevilsTongue Windows Spyware Tracking Users Globally
The emergence of DevilsTongue marks a significant escalation in mercenary spyware capabilities, leveraging advanced Windows-based techniques to infiltrate high-value targets worldwide. First observed in campaigns dating
Adobe AEM Forms 0-Day Vulnerability Let Attackers Execute Arbitrary Code
Adobe has released an urgent security update for Adobe Experience Manager Forms on Java Enterprise Edition (JEE) to address two critical zero-day vulnerabilities that could allow attackers to execute arbitrary code and p
Trend Micro warns of Apex One zero-day exploited in attacks
Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its Apex One endpoint security platform. [...]
Adobe issues emergency fixes for AEM Forms zero-days after PoCs released
Adobe released emergency updates for two zero-day flaws in Adobe Experience Manager (AEM) Forms on JEE after a PoC exploit chain was disclosed that can be used for unauthenticated, remote code execution on vulnerable ins
SonicWall investigates possible zero-day amid Akira ransomware surge
<html><body>SonicWall probes possible new zero-day after spike in Akira ransomware attacks on Gen 7 firewalls with SSLVPN enabled. SonicWall is investigating a potential new zero-day after a surge in Akira ransomware att
SonicWall VPNs Actively Exploited for 0-Day Vulnerability to Bypass MFA and Deploy Ransomware
<html><body><p>A likely zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) VPNs and firewall appliances is being actively exploited in the wild, enabling attackers to bypass multi-factor authentication (MFA
Threat Actors Exploitation Attempts Spikes as an Early Indicator of New Cyber Vulnerabilities
<html><body><p>Cybersecurity researchers have uncovered a groundbreaking pattern that could revolutionize how organizations prepare for emerging threats. A comprehensive analysis reveals that spikes in malicious attacker