ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts
Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts. Adobe addressed a critical vulnerability, tracked as CVE-2025-54236 (aka SessionReaper
CyberVolk Ransomware Attacking Windows System in Critical Infrastructure and Scientific Institutions
CyberVolk ransomware first emerged in May 2024, rapidly evolving into a sophisticated threat aimed at government agencies and critical infrastructure in countries perceived as hostile to Russian interests. Leveraging a d
Amp’ed RF BT-AP 111 Bluetooth Access Point Vulnerability Let Attackers Gain Full Admin Access
A critical security vulnerability has been discovered in the Amp’ed RF BT-AP 111 Bluetooth Access Point, exposing organizations to significant security risks through an unauthenticated administrative interface. The devic
Can I have a new password, please? The $400M question.
Scattered Spider didn't need a zero-day to breach Clorox. They just phoned the help desk—convincing agents to reset passwords & MFA without proper checks. The result: $380M in damages. Learn from Specops Software why cal
DarkSamural APT Group Malicious LNK and PDF Files to Steal Critical Data
Security researchers have observed a sophisticated campaign in recent weeks targeting critical infrastructure and government entities across South Asia. Dubbed the DarkSamural operation, this attack chain leverages decep
Apple CarPlay Exploited To Gain Root Access By Executing Remote Code
At the recent DefCon security conference, researchers demonstrated a critical exploit chain that allows attackers to gain root access on vehicle infotainment systems by targeting Apple CarPlay. The multi-stage attack, na
Microsoft Fixes 80 Flaws — Including SMB PrivEsc and Azure CVSS 10.0 Bugs
Microsoft on Tuesday addressed a set of 80 security flaws in its software, including one vulnerability that has been disclosed as publicly known at the time of release. Of the 80 vulnerabilities, eight are rated Critical
Apple iPhone Air and iPhone 17 Feature A19 Chips With Spyware-Resistant Memory Safety
Apple on Tuesday revealed a new security feature called Memory Integrity Enforcement (MIE) that's built into its newly introduced iPhone models, including iPhone 17 and iPhone Air. MIE, per the tech giant, offers "always
Microsoft Warns of Active Directory Domain Services Vulnerability, Let Attackers Escalate Privileges
Microsoft has issued an updated warning for a critical security vulnerability in Active Directory Domain Services, tracked as CVE-2025-21293. This flaw could permit an attacker who has already gained initial access to a
Critical Microsoft Office Vulnerabilities Let Attackers Execute Malicious Code
Microsoft has released patches for two significant vulnerabilities in Microsoft Office that could allow attackers to execute malicious code on affected systems. The flaws, tracked as CVE-2025-54910 and CVE-2025-54906, we
Critical SAP NetWeaver Vulnerability Let Attackers Execute Arbitrary Code And Compromise System
A critical vulnerability CVE-2025-42922 has been discovered in SAP NetWeaver that allows an authenticated, low-privileged attacker to execute arbitrary code and achieve a full system compromise. The flaw resides in the D
Google Chrome 140.0.7339.127 / 140.0.7339.128 korrigiert eine kritische Sicherheitslücke
Gestern Abend wurde für den Google Chrome ein wichtiges Sicherheitsupdate auf die Version 140.0.7339.127 / 140.0.7339.128 bereitgestellt. Hier wurden zwei Sicherheitslücken korrigiert. Eine davon wurde als „Critical“ CV
Chrome Security Update Patches Critical Remote Code Execution Vulnerability
Google has issued an urgent security update for the Chrome browser on Windows, Mac, and Linux, addressing a critical vulnerability that could allow attackers to execute arbitrary code remotely. Users are strongly advised
Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts
Adobe has warned of a critical security flaw in its Commerce and Magento Open Source platforms that, if successfully exploited, could allow attackers to take control of customer accounts. The vulnerability, tracked as CV
SAP Patches Critical NetWeaver (CVSS Up to 10.0) and Previously Exploited S/4HANA Flaws
SAP on Tuesday released security updates to address multiple security flaws, including three critical vulnerabilities in SAP Netweaver that could result in code execution and the upload arbitrary files. The vulnerabiliti
SAP September 2025 Patch Day fixed 4 critical flaws
SAP issues 21 new and 4 updated security notes, fixing critical NetWeaver flaws enabling RCE and privilege escalation. SAP this week issued 21 new and four updated security notes as part of the company’s September Patch
Adobe Patches Critical ColdFusion and Commerce Vulnerabilities
Adobe has patched nearly two dozen vulnerabilities across nine of its products with its September 2025 Patch Tuesday updates. The post Adobe Patches Critical ColdFusion and Commerce Vulnerabilities appeared first on Secu
Adobe patches critical SessionReaper flaw in Magento eCommerce platform
Adobe is warning of a critical vulnerability (CVE-2025-54236) in its Commerce and Magento Open Source platforms that researchers call SessionReaper and describe as one of " the most severe" flaws in the history of the pr
Critical Ivanti Endpoint Manager Vulnerabilities Let Attackers Execute Remote Code
Ivanti has released security updates to address two high-severity vulnerabilities in its Endpoint Manager (EPM) software that could allow remote code execution. The vulnerabilities, tracked as CVE-2025-9712 and CVE-2025-
What is crisis communication?
<p>Crisis communication is a strategic approach to corresponding with people and organizations during a disruptive event. When a crisis occurs, proactive, quick, detailed communication is critical; a crisis communication