ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Akira Ransomware targets SonicWall VPNs in likely zero-day attacks
<html><body>Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025. Arctic Wolf Labs researchers reported that Akira ransomware is exploiting
SonicWall Firewall Devices 0-day Vulnerability Actively Exploited by Akira Ransomware
<html><body><p>A suspected zero-day vulnerability in SonicWall firewall devices that the Akira ransomware group is actively exploiting. The flaw allows attackers to gain initial access to corporate networks through Sonic
The blind spot: digital supply chain is now a board-level imperative
<html><body><p>Many organisations still lack visibility into their <a href="https://www.techtarget.com/searcherp/definition/digital-supply-chain">digital supply chains</a>, leaving serious vulnerabiliti
Attackers actively exploit critical zero-day in Alone WordPress Theme
<html><body>Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025
17K+ SharePoint Servers Exposed to Internet – 840 Servers Vulnerable to 0-Day Attacks
<html><body><p>A massive exposure of Microsoft SharePoint servers to internet-based attacks has been identified, with over 17,000 servers exposed and 840 specifically vulnerable to the critical zero-day vulnerability CVE
Microsoft SharePoint Server 0-Day Hack Hits African Treasury, Companies, and University
<html><body><p>A sophisticated cyberattack exploiting a zero-day vulnerability in Microsoft SharePoint servers has compromised over 400 entities globally, with significant impact across African nations including South Af
Critical CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
<html><body><p>A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-54309
Apple fixed a zero-day exploited in attacks against Google Chrome users
<html><body>Apple addressed a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. Apple released security updates to address a high-severity vulnerability, tracked as CV
Apple patches security flaw exploited in Chrome zero-day attacks
<html><body>Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users. [...]</body></html>
Apple pushes almost 30 security fixes in mobile update
<html><body><p><a href="https://www.apple.com/" target="_blank" rel="noopener">Apple</a> has released more than 20 vulnerability fixes for its mobile device ecosystem in a new round of updates to the tw
Chinese Hackers Weaponizes Software Vulnerabilities to Compromise Their Targets
<html><body><p>Over the past year, a previously quiet Chinese threat cluster has surged onto incident-response dashboards worldwide, pivoting from single zero-day hits to an industrialized pipeline of weaponized vulnerab
Lovense sex toy app flaw leaks private user email addresses
<html><body>The connected sex toy platform Lovense is vulnerable to a zero-day flaw that allows an attacker to get access to a member's email address simply by knowing their username, putting them at risk of doxxing and
UNC3886 Hackers Exploiting 0-Days in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS
<html><body><p>Singapore’s critical infrastructure is under siege from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group. As of July 2025, the group has been actively targeting essential servic
New “ToolShell” Exploit Chain Attacking SharePoint Servers to Gain Complete Control
<html><body><p>A critical new threat targeting Microsoft SharePoint servers through a sophisticated exploit chain dubbed “ToolShell.” This multi-stage attack combines previously patched vulnerabilities with fresh zero-da
SharePoint users hit by Warlock ransomware, says Microsoft
<html><body><p>Multiple organisations have now been hit by Warlock ransomware deployed on their systems via the dangerous ToolShell vulnerability chain in <a href="https://www.computerweekly.com/news/366627866/P
Microsoft: SharePoint servers also targeted in ransomware attacks
<html><body>A China-based hacking group is deploying Warlock ransomware on Microsoft SharePoint servers vulnerable to widespread attacks targeting the recently patched ToolShell zero-day exploit chain. [...]</body></html
U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog
<html><body>U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CrushFTP, Google Chromium, and
U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog
<html><body>U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds two Microsoft SharePoint flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA
US nuclear weapons agency hacked in Microsoft SharePoint attacks
<html><body>Unknown threat actors have breached the National Nuclear Security Administration's network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. [...]</body></html>
US nuclear weapons agency reportedly hacked in SharePoint attacks
<html><body>Unknown threat actors have reportedly breached the National Nuclear Security Administration's (NNSA) network in attacks exploiting a recently patched Microsoft SharePoint zero-day vulnerability chain. [...]</