ARTIKEL SUCHE
Threat Feed QueryDurchsuche alle aggregierten Security-Artikel nach Schlagworten, CVE-IDs und Quellen.
SAP Patches Critical NetWeaver Vulnerabilities
The critical-severity NetWeaver flaws could be exploited for remote code execution and privilege escalation. The post SAP Patches Critical NetWeaver Vulnerabilities appeared first on SecurityWeek.
Ex-WhatsApp Security Chief Sues Meta Over Vulnerabilities, Retaliation
Attaullah Baig has filed a lawsuit against Meta and its executives, accusing them of retaliation over critical cybersecurity failures. The post Ex-WhatsApp Security Chief Sues Meta Over Vulnerabilities, Retaliation appea
How a Faulty Windows Driver Can Cause a System Crash and Blue Screen of Death
A recent analysis of a Windows kernel-memory dump has provided a detailed look into a DRIVER_POWER_STATE_FAILURE, a critical error that results in a Blue Screen of Death (BSOD). The investigation reveals how a single mal
SAP fixes maximum severity NetWeaver command execution flaw
SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. [...]
SAP Security Patch Day September 2025 – 21 Vulnerabilities and 4 Critical One’s Patched
As part of its scheduled security maintenance, SAP released its September 2025 Patch Day notes, addressing a total of 21 new vulnerabilities and providing updates to four previously released security advisories. Among th
Magento and Adobe SessionReaper Vulnerability Exposes Thousands Of Online Stores to Attacks
Adobe has issued an emergency security patch for a critical vulnerability in its Magento and Adobe Commerce platforms, dubbed “SessionReaper”. The vulnerability is considered one of the most severe in Magento’s history,
Progress OpenEdge AdminServer Vulnerability Let Attackers Execute Remote Code
A critical security vulnerability has been discovered in Progress OpenEdge, a platform for developing and deploying business applications. The flaw, identified as CVE-2025-7388, allows for remote code execution (RCE) and
Researchers Bypassed Web Application Firewall With JS Injection with Parameter Pollution
Cybersecurity researchers have demonstrated a sophisticated technique for bypassing Web Application Firewalls (WAFs) using JavaScript injection combined with HTTP parameter pollution, exposing critical vulnerabilities in
PoC Exploit Released for ImageMagick RCE Vulnerability – Update Now
A proof-of-concept (PoC) exploit has been released for a critical remote code execution (RCE) vulnerability in ImageMagick 7’s MagickCore subsystem, specifically affecting the blob I/O (BlobStream) implementation. Securi
Australian Authorities Uncovered Activities and Careers of Ransomware Criminal Groups
Ransomware has emerged as one of the most devastating cybercrime threats in the contemporary digital landscape, with criminal organizations operating sophisticated billion-dollar enterprises that target critical infrastr
Czech cyber agency NUKIB flags Chinese espionage risks to critical infrastructure
Czech cybersecurity agency NUKIB warns of Chinese cyber threats to critical infrastructure, citing the cyberespionage group APT31 and risky devices. The Czech Republic’s National Cyber and Information Security Agency (NU
Czech cyber agency warns against Chinese tech in critical infrastructure
The Czech Republic's National Cyber and Information Security Agency (NUKIB) is instructing critical infrastructure organizations in the country to avoid using Chinese technology or transferring user data to servers locat
10 Best Cloud Penetration Testing Companies in 2025
As more businesses migrate their infrastructure to the cloud, cloud penetration testing has become a critical service. Unlike traditional network tests, cloud pentesting focuses on unique attack vectors such as misconfig
Critical Argo CD API Vulnerability Exposes Repository Credentials
A critical vulnerability has been discovered in Argo CD that allows API tokens with limited permissions to access sensitive repository credentials. The flaw in the project details API endpoint exposes usernames and passw
Critical SAP S/4HANA flaw CVE-2025-42957 under active exploitation
Experts warn of an actively exploited vulnerability, tracked as CVE-2025-42957 (CVSS score: 9.9), in SAP S/4HANA software. A critical command injection vulnerability, tracked as CVE-2025-42957 (CVSS score of 9.9), in SAP
CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation
Federal Civilian Executive Branch (FCEB) agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild
How to Close the AI Governance Gap in Software Development
Widespread adoption of AI coding tools accelerates development—but also introduces critical vulnerabilities that demand stronger governance and oversight. The post How to Close the AI Governance Gap in Software Developme
Don’t let outdated IGA hold back your security, compliance, and growth
Identity Governance & Administration (IGA) is critical to keeping data secure, ensuring only the right people have access to the right resources. But legacy IGA is slow, costly, and code-heavy. Learn from tenfold why Mod
Critical SAP S/4HANA vulnerability now exploited in attacks
A critical SAP S/4HANA code injection vulnerability is being leveraged in attacks in the wild to breach exposed servers, researchers warn. [...]
Critical SAP S/4HANA Vulnerability Actively Exploited to Fully Compromise Your SAP System
A critical vulnerability in SAP S/4HANA is being actively exploited in the wild, allowing attackers with low-level user access to gain complete control over affected systems. The vulnerability, tracked as CVE-2025-42957,