ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Zero-Day-Lücke betrifft 235 Qualcomm-Chipsets
Google hat eine gefährliche Sicherheitslücke in einer Open-Source-Komponente von Qualcomm gemeldet, die in Android-Geräten verwendet wird und bereits aktiv ausgenutzt wird.
Hackers Allegedly Selling Exploit for Windows Remote Desktop Services 0-Day Flaw
A threat actor is allegedly selling a zero-day exploit for a Windows Remote Desktop Services privilege escalation vulnerability, tracked as CVE-2026-21533, for a staggering $220,000 on a dark web forum. This highly price
PoC Exploit Released Cisco SD-WAN 0-Day Vulnerability Exploited in the Wild
A public proof-of-concept (PoC) exploit has been released for CVE-2026-20127, a maximum-severity zero-day vulnerability in Cisco Catalyst SD-WAN Controller and SD-WAN Manager that has been actively exploited in the wild
Android Update Patches Exploited Qualcomm Zero-Day
An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption. The post Android Update Patches Exploited Qualcomm Zero-Day appeared first on SecurityWeek.
Android gets patches for Qualcomm zero-day exploited in attacks
Google has released security updates to patch 129 Android security vulnerabilities, including an actively exploited zero-day flaw in a Qualcomm display component. [...]
Chinesische Hacker missbrauchen Dell-Sicherheitslücke seit 2024
Bereits seit 2024 nutzen chinesische Hacker eine maximal kritische Zero-Day-Sicherheitslücke in Dell RecoverPoint for Virtual Machines aus. Diese ermöglicht Angreifern unbefugten Zugriff mit Root-Rechten. Nutzer sollten
MSHTML Framework 0-Day Exploited by APT28 Hackers Before Feb 2026’s Patch Tuesday Update
A zero-day vulnerability in the Microsoft HTML (MSHTML) framework was actively exploited in the wild. The vulnerability, tracked as CVE-2026-21513, allows attackers to bypass security features and execute arbitrary files
Russia-linked APT28 exploited MSHTML zero-day CVE-2026-21513 before patch
Russia-linked APT28 reportedly exploited MSHTML zero-day CVE-2026-21513 before Microsoft patched it, a high-severity bypass flaw. Akamai reports that Russia-linked APT28 may have exploited CVE-2026-21513 CVSS score of 8.
CISA Warns of RESURGE Malware Exploiting 0-Days to Breach Ivanti Connect Secure Devices
A newly discovered malware variant named RESURGE is actively targeting Ivanti Connect Secure devices by exploiting a critical zero-day vulnerability, prompting the U.S. Cybersecurity and Infrastructure Security Agency (C
CISA warns that RESURGE malware can be dormant on Ivanti devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. [...
Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control
Cisco SD-WAN vulnerability CVE-2026-20127 has been exploited since 2023 to gain unauthenticated admin access. A critical Cisco SD-WAN vulnerability, tracked as CVE-2026-20127 (CVSS score of 10.0), has been actively explo
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers
Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges. The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appear
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious ac
7 Zero-Day-Schwachstellen in Open-Source-Lösung von Oracle
Oracle VirtualBox ist von sieben kritischen Zero-Day-Schwachstellen betroffen, darunter haben fünf ihren Ursprung im VMSVGA-Grafiktreiber. Diese Sicherheitslücken könnten es Angreifern ermöglichen, Berechtigungen z
Critical Cisco SD-WAN 0-Day Vulnerability Exploited Since 2023 to Gain Root Access
Cisco has disclosed a critical zero-day vulnerability in its Catalyst SD-WAN products that threat actors have exploited since 2023 to bypass authentication and achieve root access. Tracked as CVE-2026-20127, the flaw aff
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers
Google schützt Chrome mit Update vor aktiven Angriffen
Google hat eine kritische Zero-Day-Schwachstelle in Chrome behoben, die bereits aktiv von Angreifern ausgenutzt wird. Der Fehler ermöglicht das Ausführen schädlichen Codes durch manipulierte CSS-Inhalte. Nutzer sollten
PoC Exploit Released for Grandstream GXP1600 VoIP Phones RCE Vulnerability
A critical zero-day vulnerability, tracked as CVE-2026-2329, is affecting Grandstream’s GXP1600 series VoIP desk phones. The issue is an unauthenticated stack-based buffer overflow that can be exploited remotely to achie
PoC Released for Critical Chrome 0-day Vulnerability Exploited in the Wild
A public proof-of-concept exploit has been released for CVE-2026-2441, a critical use-after-free zero-day vulnerability in Google Chrome’s Blink CSS engine that Google confirmed is being actively exploited in the wild. S
16 Zero-Day Vulnerabilities in Popular PDF Platforms Enable Code Execution and Data Exfiltration
16 zero-day vulnerabilities, including critical OS Command Injection, DOM-based XSS, SSRF, and Path Traversal flaws across Apryse WebViewer (formerly PDFTron) and Foxit PDF cloud services, affecting millions of enterpris