ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Chinese cyber spies among those linked to SharePoint attacks
<html><body><p>An as-yet unnamed Chinese state threat actor appears to be among those exploiting <a href="https://www.computerweekly.com/news/366627866/Patch-ToolShell-SharePoint-zero-day-immediately-says-Micros
Microsoft Sharepoint ToolShell attacks linked to Chinese hackers
<html><body>Hackers with ties to the Chinese government have been linked to a recent wave of widespread attacks targeting a Microsoft SharePoint zero-day vulnerability chain. [...]</body></html>
CrushFTP zero-day actively exploited at least since July 18
<html><body>Hackers exploit CrushFTP zero-day, tracked as CVE-2025-54309, to gain admin access via HTTPS when DMZ proxy is off. Threat actors are exploiting a zero-day vulnerability, tracked as CVE-2025-54309 (CVSS score
Hacker nutzen Sicherheitslücke in Microsoft SharePoint-Servern
<html><body> <p>Microsoft warnt vor Zero-Day-Lücke in SharePoint. Behörden und Unternehmen sollten Server jetzt dringend überprüfen und absichern.</p></body></html>
Microsoft Fix Targets Attacks on SharePoint Zero-Day
<html><body>On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid r
Patch ToolShell SharePoint zero-day immediately, says Microsoft
<html><body><p>Organisations running on-premise instances of <a href="https://www.techtarget.com/searchcontentmanagement/definition/Microsoft-SharePoint-201" target="_blank" rel="noopener">Microsoft’s SharePo
U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog
<html><body>U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) add
U.S. CISA urges to immediately patch Microsoft SharePoint flaw adding it to its Known Exploited Vulnerabilities catalog
<html><body>U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) add
Microsoft issues emergency patches for SharePoint zero-days exploited in “ToolShell” attacks
<html><body>Microsoft patched an exploited SharePoint flaw (CVE-2025-53770) and disclosed a new one, warning of ongoing attacks on on-prem servers. Microsoft released emergency SharePoint updates for two zero-day flaws,
SharePoint zero-day CVE-2025-53770 actively exploited in the wild
<html><body>Microsoft warns of ongoing active exploitation of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770. Microsoft warns of a SharePoint zero-day vulnerability, tracked as CVE-2025-53770 (CVSS score
Microsoft Released Emergency Security Update to Patch Critical SharePoint 0-Day Vulnerability
<html><body><p>Microsoft has issued an urgent security advisory addressing critical zero-day vulnerabilities in on-premises SharePoint Server that attackers are actively exploiting. The vulnerabilities, assigned as CVE-
Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks
<html><body>Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attacks. [...
Singapore warns China-linked group UNC3886 targets its critical infrastructure
<html><body>Singapore says China-linked group UNC3886 targeted its critical infrastructure by hacking routers and security devices. Singapore accused China-linked APT group UNC3886 of targeting its critical infrastructur
Weekly Cybersecurity Newsletter: Chrome 0-Day, VMware Flaws Patched, Fortiweb Hack, Teams Abuse, and More
<html><body><p>It’s been a busy seven days for security alerts. Google is addressing another actively exploited zero-day in Chrome, and VMware has rolled out key patches for its own set of vulnerabilities. We’ll also bre
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
<html><body>A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already compromised
SQL Injection (SQLi)
<html><body><section class="section main-article-chapter" data-menu-title="Was ist eine SQL Injection (SQLi)?"> <h2 class="section-title"><i class="icon" data-icon="1"></i>Was ist eine SQL Inject
New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers
<html><body><p>A critical zero-day flaw in the CrushFTP managed file-transfer platform was confirmed after vendor and threat-intelligence sources confirmed active exploitation beginning on 18 July 2025 at 09:00 CST. Trac
New CrushFTP zero-day exploited in attacks to hijack servers
<html><body>CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable serv
CrushFTP zero-day exploited in attacks to gain admin access on servers
<html><body>CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnerable serv
VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
<html><body><p>VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025. [...]</p></body></html>