ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
China-Nexus Hackers Exploiting VMware vCenter Environments to Deploy Web Shells and Malware Implants
A new sophisticated threat actor has emerged in the cybersecurity landscape, targeting critical infrastructure across the United States. The adversary, operating under the name WARP PANDA, has demonstrated remarkable tec
NVIDIA Triton Vulnerability Let Attackers Trigger DoS Attack Using Malicious Payload
Critical security updates have been released to fix two high-severity flaws in the Triton Inference Server that let attackers crash systems remotely from NVIDIA. Both flaws received a CVSS score of 7.5, indicating they a
Cloudflare Outage Hits Internet with 500 Internal Server Error
A major disruption swept across the internet today as Cloudflare, a critical backbone for millions of websites, reported widespread issues with its Dashboard and APIs, triggering 500 Internal Server Errors for users glob
Cacti Command Injection Vulnerability Let Attackers Execute Malicious Code Remotely
A critical command injection vulnerability in the open-source network monitoring tool Cacti allows authenticated attackers to execute arbitrary code remotely, potentially compromising the entire monitoring infrastructure
PoC Exploit Released for Critical React, Next.js RCE Vulnerability (CVE-2025-55182)
A proof-of-concept (PoC) exploit for CVE-2025-55182, a maximum-severity remote code execution (RCE) flaw in React Server Components, surfaced publicly this week, heightening alarms for developers worldwide. Dubbed “React
CVE-2025-66516 - Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected
CVE ID : CVE-2025-66516 Published : Dec. 4, 2025, 4:17 p.m. | 31 minutes ago Description : Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on al
CISA Warns of OpenPLC ScadaBR File Upload Vulnerability Exploited in Attacks
Critical vulnerability has been added to CISA’s Known Exploited Vulnerabilities list, warning organizations about a dangerous file-upload flaw in OpenPLC ScadaBR systems. The vulnerability allows remote authenticated use
Critical React, Next.js flaw lets hackers execute code on servers
A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications. [...]
How strong password policies secure OT systems against cyber threats
OT environments rely on aging systems, shared accounts, and remote access, making weak or reused passwords a major attack vector. Specops Software explains how stronger password policies and continuous checks for comprom
Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT
The 25-page document outlines four principles for securely integrating AI with operational technology. The post Global Cyber Agencies Issue AI Security Guidance for Critical Infrastructure OT appeared first on SecurityWe
PickleScan 0-Day Vulnerabilities Enable Arbitrary Code Execution via Malicious PyTorch Models
Multiple critical zero‑day vulnerabilities in PickleScan, a popular open‑source tool used to scan machine learning models for malicious code. PickleScan is widely used in the AI world, including by Hugging Face, to check
Hackers Using Evilginx to Steal Session Cookies and Bypass Multi-Factor Authentication Tokens
A sophisticated phishing toolkit known as Evilginx is empowering attackers to execute advanced attacker-in-the-middle (AiTM) campaigns with alarming success. These attacks are engineered to steal temporary session cookie
React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability
A researcher has pointed out that only instances using a newer feature are impacted by CVE-2025-55182. The post React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability appeared first on SecurityWe
Hackers Actively Exploiting Worpress Plugin Vulnerability to Execute Remote Code
A critical remote code execution vulnerability in the Sneeit Framework WordPress plugin has come under active exploitation by threat actors, posing an immediate risk to thousands of websites worldwide. The vulnerability,
Vim for Windows Vulnerability Let Attackers Execute Arbitrary Code
A critical security vulnerability has been discovered in Vim for Windows that could allow attackers to execute malicious code on users’ computers. The vulnerability, identified as CVE-2025-66476, affects Vim versions bef
Akamai Patches HTTP Request Smuggling Vulnerability in Edge Servers
A critical HTTP request smuggling vulnerability in Akamai’s edge server infrastructure has been successfully fixed. The vulnerability, identified as CVE-2025-66373, stemmed from improper processing of HTTP requests conta
CISA Releases Five ICS Advisories Covering Vulnerabilities, and Exploits Surrounding ICS
The Cybersecurity and Infrastructure Security Agency released five critical Industrial Control Systems advisories on December 2, 2025, addressing significant security threats across industrial environments. These advisor
Critical React and Next.js Enables Remote Attackers to Execute Malicious Code
A critical security flaw in React and Next.js could let remote attackers run malicious code on servers without logging in. The issue affects React Server Components (RSC) and the “Flight” protocol used to send data betwe
King Addons flaw lets anyone become WordPress admin
Hackers are exploiting a King Addons flaw (CVE-2025-8489) that lets anyone register and instantly gain admin privileges on WordPress sites. Hackers are exploiting a critical vulnerability, tracked as CVE-2025-8489 (CVSS
Critical flaw in WordPress add-on for Elementor exploited in attacks
Attackers are exploiting a critical-severity privilege escalation vulnerability (CVE-2025-8489) in the King Addons for Elementor plugin for WordPress, which lets them obtain administrative permissions during the registra