ARTICLE SEARCH
Threat Feed Query: Search all aggregated security articles by keywords, CVE IDs and sources.
Lies-in-the-Loop Attack Turns AI Safety Dialogs into Remote Code Execution Attack
A newly discovered attack technique has exposed a critical weakness in artificial intelligence code assistants by weaponizing their built-in safety features. The attack, known as Lies-in-the-Loop, manipulates the trust u
WatchGuard Patches Firebox Zero-Day Exploited in the Wild
The critical-severity bug in the Fireware OS’s iked process leads to unauthenticated remote code execution. The post WatchGuard Patches Firebox Zero-Day Exploited in the Wild appeared first on SecurityWeek.
Multiple Exim Server Vulnerabilities Let Attackers Seize Control of the Server
Security researchers at the National Institute of Standards and Technology (NIST) have uncovered critical security flaws in the Exim mail server that could allow remote attackers to take complete control of vulnerable s
CVE-2025-68613
Currently trending CVE - Hype Score: 14 - n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, and 1.122.0 contain a critical Remote Code Execution (RCE) vulne
125,000 IPs WatchGuard Firebox Devices Exposed to Internet Vulnerable to 0-day RCE Attacks
The Shadowserver Foundation identified approximately 125,000 WatchGuard Firebox firewall devices worldwide at risk due to a critical vulnerability actively exploited. The flaw, tracked as CVE-2025-14733, enables unauthen
Critical RCE flaw impacts over 115,000 WatchGuard firewalls
Over 115,000 WatchGuard Firebox devices exposed online remain unpatched against a critical remote code execution (RCE) vulnerability actively exploited in attacks. [...]
CVE-2025-11544 - Sharp Display Solutions Projector Firmware Tampering Vulnerability
CVE ID : CVE-2025-11544 Published : Dec. 22, 2025, 6:15 a.m. | 39 minutes ago Description : Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows an attacker may create
CVE-2025-12049 - Sharp Display Solutions Media Player MP-01 Authentication Bypass
CVE ID : CVE-2025-12049 Published : Dec. 22, 2025, 5:16 a.m. | 1 hour, 39 minutes ago Description : Missing Authentication for Critical Function vulnerability in Sharp Display Solutions Media Player MP-01 All Versions
CVE-2025-11543 - Sharp Display Solutions Projector Firmware Tampering Vulnerability
CVE ID : CVE-2025-11543 Published : Dec. 22, 2025, 5:16 a.m. | 1 hour, 39 minutes ago Description : Improper Validation of Integrity Check Value vulnerability in Sharp Display Solutions projectors allows an attacker ma
CVE-2025-11541 - Sharp Display Solutions Projector Stack-Based Buffer Overflow Vulnerability
CVE ID : CVE-2025-11541 Published : Dec. 22, 2025, 5:16 a.m. | 1 hour, 39 minutes ago Description : Stack-based Buffer Overflow vulnerability in Sharp Display Solutions projectors allows an attacker may execute arbitra
CVE-2025-11540 - Sharp Display Solutions Projector Path Traversal Vulnerability
CVE ID : CVE-2025-11540 Published : Dec. 22, 2025, 5:16 a.m. | 1 hour, 39 minutes ago Description : Path Traversal vulnerability in Sharp Display Solutions projectors allows an attacker may access and read any files wi
100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild
Security researchers have identified at least 120 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices vulnerable to a critical zero-day flaw that attackers are actively exploiting in the wild. The v
Russia was behind a destructive cyber attack on a water utility in 2024, Denmark says
Denmark has blamed Russia for a destructive cyberattack on a water utility, calling it part of Moscow’s hybrid campaign against Western critical infrastructure. Denmark has accused Russia of orchestrating destructive cyb
CVE-2025-68613 - n8n Vulnerable to Remote Code Execution via Expression Injection
CVE ID : CVE-2025-68613 Published : Dec. 19, 2025, 11:15 p.m. | 1 hour, 36 minutes ago Description : n8n is an open source workflow automation platform. Versions starting with 0.211.0 and prior to 1.120.4, 1.121.1, an
Apache Log4j Vulnerability Allow Attackers to Intercept Sensitive Log Data
Apache Logging Services has disclosed a critical security vulnerability in Log4j Core that exposes applications to potential interception of log data. The flaw resides in the Socket Appender component. It affects version
CVE-2025-66580 - Dive has Cross-Site Scripting vulnerability that can escalate to Remote Code Execution
CVE ID : CVE-2025-66580 Published : Dec. 19, 2025, 5:15 p.m. | 1 hour, 36 minutes ago Description : Dive is an open-source MCP Host Desktop Application that enables integration with function-calling LLMs. A critical S
Over 25,000 FortiCloud SSO devices exposed to remote attacks
Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability. [...]
Iranian Nation-State APT Targeting Networks and Critical Infrastructure Organizations
Iranian state-sponsored threat actors, commonly tracked as “Prince of Persia,” have resurfaced with a sophisticated cyberespionage campaign targeting global critical infrastructure and private networks. Active since the
Ransomware Attack 2025 Recap – From Critical Data Extortion to Operational Disruption
The ransomware landscape in 2025 has reached new heights, evolving from a cybersecurity issue into a strategic threat to national security and global economic stability. This year saw a 34%-50% surge in attacks compared
Denmark blames Russia for destructive cyberattack on water utility
Danish intelligence officials blamed Russia for orchestrating cyberattacks against Denmark's critical infrastructure, as part of Moscow's hybrid attacks against Western nations. [...]