ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Critical MobSF 0-Day Exposes Systems to Stored XSS & ZIP of Death Attacks
<html><body><p>The Mobile Security Framework (MobSF), a widely utilized tool, contains two critical zero-day vulnerabilities. These vulnerabilities, designated as CVE-2025-46335 and CVE-2025-46730, impact all versions of
Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324
<html><body><p>Threat actors launch second wave of attacks on SAP NetWeaver, exploiting webshells from a recent zero-day vulnerability. In April, ReliaQuest researchers warned that a zero-day vulnerability, tracked as CV
Android fixes 47 vulnerabilities, including one zero-day. Update as soon as you can!
<html><body><p>Google has patched 47 Android vulnerabilities in its May update, including an actively exploited FreeType vulnerability.</p></body></html>
Zero-day attacks on browsers and smartphones drop, says Google
<html><body><p>Cybercriminals are having less success targeting end-user technology with zero-day attacks, said Google's security team this week.</p></body></html>
Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment
<html><body><p>Commvault, a leading provider of data protection solutions, has confirmed that a nation-state threat actor breached its Azure environment in February by exploiting a zero-day vulnerability. The company dis
CISA Warns SAP 0-day Vulnerability Exploited in the Wild
<html><body><p>CISA has added a critical SAP NetWeaver vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on April 29, 2025. The zero-day flaw, tracked as CVE-2025-31324, carries a maximum CVSS score of
U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog
<html><body><p>U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added S
Google Warns of 75 Zero-Day Vulnerabilities Exploited in the Wild
<html><body><p>Google’s Threat Intelligence Group (GTIG) has revealed that 75 zero-day vulnerabilities were exploited in the wild during 2024, highlighting both evolving attacker tactics and shifting targets in the globa
Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024
<html><body><p>Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group’s latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilities, down f
Google: 97 zero-days exploited in 2024, over 50% in spyware attacks
<html><body><p>Google's Threat Intelligence Group (GTIG) says attackers exploited 75 zero-day vulnerabilities in the wild last year, over 50% of which were linked to spyware attacks. [...]</p></body></html>
SAP NetWeaver 0-Day Vulnerability Exploited in the Wild to Deploy Webshells
<html><body><p>SAP released an emergency out-of-band patch addressing CVE-2025-31324, a critical zero-day vulnerability in SAP NetWeaver Visual Composer with the highest possible CVSS score of 10.0. This vulnerability s
Ransomware Defense Playbook for CISOs in 2025
<html><body><p>Ransomware has evolved into one of the most formidable threats to organizations worldwide, and 2025 marks a new era of both complexity and consequence. Attackers are no longer lone hackers but sophisticate
Attackers chained Craft CMS zero-days attacks in the wild
<html><body><p>Orange Cyberdefense’s CSIRT reported that threat actors exploited two vulnerabilities in Craft CMS to breach servers and steal data. Orange Cyberdefense’s CSIRT warns that threat actors chained two Craft C
400+ SAP NetWeaver Devices Vulnerable to 0-Day Attacks that Exploited in the Wild
<html><body><p>Security researchers have identified 454 SAP NetWeaver systems vulnerable to a critical zero-day vulnerability that has been actively exploited in the wild. The vulnerability, tracked as CVE-2025-31324, al
Craft CMS RCE exploit chain used in zero-day attacks to steal data
<html><body><p>Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. [...]</p></body></html>
JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure
<html><body><p>Researchers identified a new malware, named DslogdRAT, deployed after exploiting a now-patched flaw in Ivanti Connect Secure (ICS). JPCERT/CC researchers reported that a new malware, dubbed DslogdRAT, and
SAP NetWeaver zero-day allegedly exploited by an initial access broker
<html><body><p>A zero-day in SAP NetWeaver is potentially being exploited, putting thousands of internet-facing applications at risk. Researchers warn that a zero-day vulnerability, tracked as CVE-2025-31324 (CVSS score
SAP fixes suspected Netweaver zero-day exploited in attacks
<html><body><p>SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. [...]</p></body></html>
Hackers Exploited Ivanti Connect Secure 0-Day to Install DslogdRAT & Web Shell
<html><body><p>Recent attacks against Japanese organizations have revealed sophisticated hackers exploiting a zero-day vulnerability in Ivanti Connect Secure VPN appliances. The attacks, occurring around December 2024, l
Threat Actors Turn More Sophisticated & Exploiting Zero-Day Vulnerabilities – Google Warns
<html><body><p>Cybersecurity defenders face increasingly sophisticated adversaries as threat actors continue evolving their methods to circumvent modern defense systems. According to the newly released M-Trends 2025 repo