ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
October Sees Rise in Phishing and Ransomware Attacks, Including TyKit and Google Careers Scams
October 2025 marked a notable escalation in cyber threats, with phishing campaigns and ransomware variants exploiting trusted cloud services to target corporate credentials and critical infrastructure. Attackers increasi
AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks
A critical security vulnerability in the AI Engine WordPress plugin has put more than 100,000 active installations at risk of privilege escalation attacks. The flaw, tracked as CVE-2025-11749 with a CVSS score of 9.8, al
Securing critical infrastructure: Why Europe’s risk-based regulations matter
Learn how CISOs can use new European Union legislation to strengthen their cybersecurity measures. The post Securing critical infrastructure: Why Europe’s risk-based regulations matter appeared first on Microsoft Secur
HackedGPT – 7 New Vulnerabilities in GPT-4o and GPT-5 Enables 0-Click Attacks
Seven critical vulnerabilities in OpenAI’s ChatGPT, affecting both GPT-4o and the newly released GPT-5 models, that could allow attackers to steal private user data through stealthy, zero-click exploits. These flaws expl
Guide to Choosing the Best Free Backup Software for Secure, Reliable Cloud Backup
Any individual heavily depends on data as their most critical asset: from memorable photos to important work documents, everything must be safeguarded properly. Why? Simply because you can never predict what might happen
Webinar Today: Scattered Spider Exposed – Critical Takeaways for Cyber Defenders
Get practical strategies to help minimize your risk exposure, including the need for identity threat detection and mitigation. The post Webinar Today: Scattered Spider Exposed – Critical Takeaways for Cyber Defenders app
Securing the Open Android Ecosystem with Samsung Knox
Raise your hand if you’ve heard the myth, “Android isn’t secure.” Android phones, such as the Samsung Galaxy, unlock new ways of working. But, as an IT admin, you may worry about the security—after all, work data is crit
Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover
The critical vulnerability allows attackers to read arbitrary emails, including password reset messages. The post Exploited ‘Post SMTP’ Plugin Flaw Exposes WordPress Sites to Takeover appeared first on SecurityWeek.
CISA Warns of Control Web Panel OS Command Injection Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a dangerous OS command injection vulnerability affecting Control Web Panel (CWP), formerly known as CentOS Web Panel. Th
CISA Warns of CWP Vulnerability Exploited in the Wild
A critical vulnerability in Control Web Panel (CWP), tracked as CVE-2025-48703, allows remote, unauthenticated command execution. The post CISA Warns of CWP Vulnerability Exploited in the Wild appeared first on SecurityW
WordPress Post SMTP Plugin Vulnerability Exposes 400,000 Websites to Account Takeover Attacks
A critical security flaw in the WordPress Post SMTP plugin has left more than 400,000 websites vulnerable to account takeover attacks. The vulnerability, identified as CVE-2025-11833, enables unauthenticated attackers to
Hackers exploit WordPress plugin Post SMTP to hijack admin accounts
Threat actors are actively exploiting a critical vulnerability in the Post SMTP plugin installed on more than 400,000 WordPress sites, to take complete control by hijacking administrator accounts. [...]
Google fixed a critical remote code execution in Android
Google’s November 2025 Android update fixes two flaws in the System component, including a critical remote code execution issue. Google’s November 2025 Android security updates addressed two vulnerabilities impacting the
Critical RCE Vulnerability in Popular React Native NPM Package Exposes Developers to Attacks
A critical remote code execution (RCE) vulnerability tracked as CVE-2025-11953 in the @react-native-community/cli NPM package. With nearly 2 million weekly downloads, this package powers the command-line interface for Re
Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks
Arbitrary command/code execution has been demonstrated through the exploitation of CVE-2025-11953 on Windows, macOS and Linux. The post Critical Flaw in Popular React Native NPM Package Exposes Developers to Attacks app
Hackers Can Exploit Microsoft Teams Vulnerabilities to Manipulate Messages and Alter Notifications
Critical vulnerabilities in Microsoft Teams, a platform central to workplace communication for over 320 million users worldwide, enable attackers to impersonate executives and tamper with messages undetected. These vulne
Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks
Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system (OS) commands under certain c
Hackers Stolen Over $100 Million by Exploiting Balancer DeFi Protocol
Hackers have successfully stolen more than $100 million by exploiting a critical vulnerability in the Balancer protocol. Balancer, a leading DeFi platform known for its automated market-making pools, confirmed that only
Apple Patches 19 WebKit Vulnerabilities
Apple has released iOS 26.1 and macOS Tahoe 26.1 with patches for over 100 vulnerabilities, including critical flaws. The post Apple Patches 19 WebKit Vulnerabilities appeared first on SecurityWeek.
Ransomware Defense Using the Wazuh Open Source Platform
Ransomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affectin