ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Multiple Apache OpenOffice Vulnerabilities Leads to Memory Corruption and Unauthorized Content Loading
Apache OpenOffice has released version 4.1.16, addressing seven critical security vulnerabilities that enable unauthorized remote document loading and memory corruption attacks. These flaws represent a significant securi
GitHub Copilot and Visual Studio Vulnerabilities Allow Attacker to Bypass Security Feature
Microsoft has disclosed two critical security vulnerabilities in GitHub Copilot and Visual Studio that could allow attackers to bypass essential security features. Both vulnerabilities were released on November 11, 2025,
Australia’s spy chief warns of China-linked threats to critical infrastructure
Australia’s spy chief warns China-linked actors are probing critical infrastructure and preparing for cyber sabotage and espionage. Australia’s intelligence chief Mike Burgess warned that China-linked threat actors are p
New UK laws to strengthen critical infrastructure cyber defenses
The United Kingdom has introduced new legislation to boost cybersecurity defenses for hospitals, energy systems, water supplies, and transport networks against cyberattacks, linked to annual damages of nearly £15 billion
Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks
An advanced threat actor exploited the critical vulnerabilities "Citrix Bleed 2" (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as zero-days to deploy custo
APT-C-08 Hackers Exploiting WinRAR Vulnerability to Attack Government Organizations
The advanced persistent threat group APT-C-08, also known as Manlinghua or BITTER, has launched a sophisticated campaign targeting government organizations across South Asia by exploiting a critical directory traversal v
Microsoft Investigating Teams Issue that Disables Users from Opening Apps
Microsoft has confirmed it is investigating a significant issue affecting Microsoft Teams for Education, which is particularly impacting users’ ability to access critical features such as assignments and grades. The prob
Active Directory Under Siege: Why Critical Infrastructure Needs Stronger Security
Active Directory remains the authentication backbone for over 90% of Fortune 1000 companies. AD's importance has grown as companies adopt hybrid and cloud infrastructure, but so has its complexity. Every application, use
Microsoft Fixes 63 Security Flaws, Including a Windows Kernel Zero-Day Under Active Attack
Microsoft on Tuesday released patches for 63 new security vulnerabilities identified in its software, including one that has come under active exploitation in the wild. Of the 63 flaws, four are rated Critical and 59 are
Tor Browser 15.0.1 Released With Fix for Multiple Security Vulnerabilities
Tor Browser 15.0.1 is now available for download, bringing essential security patches and bug fixes to users across all platforms. The latest release includes critical security updates from Firefox 140.5.0esr, addressing
Synology patches critical BeeStation RCE flaw shown at Pwn2Own Ireland 2025
Synology fixed a critical BeeStation RCE flaw (CVE-2025-12686) shown at Pwn2Own, caused by unchecked buffer input allowing code execution. Synology patched a critical remote code execution (RCE) flaw, tracked as CVE-2025
Synology fixes BeeStation zero-days demoed at Pwn2Own Ireland
Synology has addressed a critical-severity remote code execution (RCE) vulnerability in BeeStation products that was demonstrated at the recent Pwn2Own hacking competition. [...]
SAP fixed a maximum severity flaw in SQL Anywhere Monitor
SAP fixed 19 security issues, including a critical flaw in SQL Anywhere Monitor with hardcoded credentials that could enable remote code execution. SAP addressed 19 security vulnerabilities, including a critical flaw in
Hackers abuse Triofox antivirus feature to deploy remote access tools
Hackers exploited a critical vulnerability and the built-in antivirus feature in Gladinet's Triofox file-sharing and remote-access platform to achieve remote code execution with SYSTEM privileges. [...]
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor
SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code injection issue in t
Critical Triofox Vulnerability Exploited in the Wild
A threat actor has exploited the issue to create a new administrator account and then used the account to execute remote access tools. The post Critical Triofox Vulnerability Exploited in the Wild appeared first on Secur
Patch now: Samsung zero-day lets attackers take over your phone
A critical vulnerability that affects Samsung mobile devices was exploited in the wild to distribute LANDFALL spyware.
Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code
Synology has released an urgent security update addressing a critical remote code execution vulnerability in BeeStation OS that allows unauthenticated attackers to execute arbitrary code on affected devices. The vulnerab
Weaponized NuGet Packages Inject Time-Delayed Destructive Payloads to Attack ICS Systems
A sophisticated supply chain attack has emerged, targeting industrial control systems through compromised .NET packages. The threat landscape shifted on November 5, 2025, when researchers identified nine malicious NuGet
SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager
Hardcoded credentials in SQL Anywhere Monitor could allow attackers to execute arbitrary code on vulnerable deployments. The post SAP Patches Critical Flaws in SQL Anywhere Monitor, Solution Manager appeared first on Sec