ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Microsoft Patch Tuesday security updates for May 2025 fixed 5 actively exploited zero-days
<html><body><p>Microsoft Patch Tuesday security updates for May 2025 addressed 75 security flaws across multiple products, including five zero-day flaws. Microsoft Patch Tuesday security updates addressed 75 security vul
Fortinet fixed actively exploited FortiVoice zero-day
<html><body><p>Fortinet fixed a critical remote code execution zero-day vulnerability actively exploited in attacks targeting FortiVoice enterprise phone systems. Fortinet released security updates to address a critical
SAP patches second zero-day flaw exploited in recent attacks
<html><body><p>SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. [...]</p></body></html>
Windows DWM 0-Day Vulnerability Allows Attackers to Escalate Privileges
<html><body><p>Microsoft has patched a critical zero-day vulnerability in the Windows Desktop Window Manager (DWM) Core Library, tracked as CVE-2025-30400, which was actively exploited in the wild to grant attackers SYST
Windows Ancillary for WinSock 0-Day Vulnerability Let Attackers Escalate Privileges
<html><body><p>Microsoft has patched an actively exploited zero-day vulnerability in the Windows Ancillary Function Driver for WinSock (afd.sys) as part of its May 2025 Patch Tuesday release. Tracked as CVE-2025-32709, t
Ivanti fixes EPMM zero-days chained in code execution attacks
<html><body><p>Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. [...]</p></body></html>
Microsoft Patch Tuesday May 2025: 72 Vulnerabilities Fixed, Including 5 Actively Exploited Zero-Day
<html><body><p>Microsoft has released its Patch Tuesday updates for May 2025, addressing a total of 78 vulnerabilities across its product ecosystem, with five identified as actively exploited zero-day flaws. The updates
Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws
<html><body><p>Today is Microsoft's May 2025 Patch Tuesday, which includes security updates for 72 flaws, including five actively exploited and two publicly disclosed zero-day vulnerabilities. [...]</p></body></html>
Fortinet fixes critical zero-day exploited in FortiVoice attacks
<html><body><p>Fortinet released security updates to patch a critical remote code execution vulnerability exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. [...]</p></body></html>
May Patch Tuesday brings five exploited zero-days to fix
<html><body><p>Microsoft fixes five exploited, and two publicly-disclosed, zero-days in the fifth Patch Tuesday update of 2025.</p></body></html>
APT group exploited Output Messenger Zero-Day to target Kurdish military operating in Iraq
<html><body><p>A Türkiye-linked group used an Output Messenger zero-day to spy on Kurdish military targets in Iraq, collecting user data since April 2024. Since April 2024, the threat actor Marbled Dust (aka Sea Turtle,
SAP May 2025 Patch Tuesday – Patch for Actively Exploited 0-day & 15 Vulnerabilities
<html><body><p>SAP’s May 2025 Security Patch Day includes an urgent update to the previously released emergency patch for a critical zero-day vulnerability (CVE-2025-31324) that continues to see active exploitation acros
Hackers Exploiting Output Messenger 0-Day Vulnerability to Deploy Malicious Payloads
<html><body><p>Microsoft Threat Intelligence has identified a sophisticated cyber espionage campaign targeting Kurdish military entities in Iraq. The threat actor, known as Marbled Dust, has been exploiting a zero-day vu
Output Messenger flaw exploited as zero-day in espionage attacks
<html><body><p>A Türkiye-backed cyberespionage group exploited a zero-day vulnerability to attack Output Messenger users linked to the Kurdish military in Iraq. [...]</p></body></html>
Marbled Dust leverages zero-day in Output Messenger for regional espionage
<html><body><p>Since April 2024, the threat actor that Microsoft Threat Intelligence tracks as Marbled Dust has been observed exploiting user accounts that have not applied fixes to a zero-day vulnerability (CVE-2025-279
SAP NetWeaver Vulnerability Exploited in Wild by Chinese Hackers
<html><body><p>A critical vulnerability in SAP NetWeaver Application Server has become the latest target for Chinese state-sponsored threat actors, with researchers confirming active exploitation in the wild. The zero-da
SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code
<html><body><p>SonicWall addressed three SMA 100 flaws, including a potential zero-day, that could allow remote code execution if chained. SonicWall patches three SMA 100 vulnerabilities (CVE-2025-32819, CVE-2025-32820,
Play ransomware affiliate leveraged zero-day to deploy malware
<html><body><p>The Play ransomware gang exploited a high-severity Windows Common Log File System flaw in zero-day attacks to deploy malware. The Play ransomware gang has exploited a Windows Common Log File System flaw, t
Play ransomware exploited Windows logging flaw in zero-day attacks
<html><body><p>The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. [...]</p></body></html>
Windows 0-Day Vulnerability Exploited in Wild to Deploy Play ransomware
<html><body><p>Threat actors linked to the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows prior to its patching on April 8, 2025. The vulnerability, tracked as CVE-2025-29824, affects t