Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting…
VS Code zero-day lets hackers steal GitHub tokens in one click
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by…
Acer working to patch max severity zero-days in Wave 7 routers
Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. […]
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in…
AI-built ransomware toolkit automates EDR evasion, AD discovery
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. […]
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now…
Microsoft Threatening Security Researcher
An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has…
Google fixes one actively exploited Android zero-day, 124 flaws
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. […]
Microsoft’s Zero-Day Legal Threats Spark Backlash
After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges were in order.
Code execution possible: critical flaw in Windows Server is being actively exploited
The flaw in Windows Netlogon was fixed in the large May patch bundle; attackers are now exploiting it. Admins should patch urgently.
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on…
Version 1.0: cPanel and WHM – Actively exploited vulnerability allows authentication bypass
Charter Communications data breach affects 4.9 million accounts
The ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data…
Six zero-days disclosed in six weeks: Microsoft responds with a threat
Microsoft is struggling with published proof of unpatched security vulnerabilities. The company is now threatening legal action.
Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal
Microsoft has come out strongly in favor of Coordinated Vulnerability Disclosure (CVD), urging the research community to share their findings and give affected vendors an…
Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code
A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under…
New Gogs zero-day flaw lets hackers get remote code execution
An unpatched zero-day vulnerability in the Gogs self-hosted Git service can allow attackers to gain remote code execution (RCE) on Internet-facing instances. […]
Carnival Cruise confirms data breach affecting nearly 6 million people
Carnival Corporation, the world’s largest cruise line operator, has confirmed a data breach affecting nearly 6 million people claimed by the ShinyHunters extortion gang in…
CISA gives feds 4 days to patch actively exploited cPanel plugin flaw
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given U.S. federal agencies four days to secure their servers against a critical vulnerability in the…
Charter confirms data breach after ShinyHunters extortion threat
U.S. telecommunications giant Charter Communications has confirmed it suffered a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom…
KnowledgeDeliver flaw exploited as a zero-day to install web shells
Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. […]
Microsoft Patches SharePoint RCE Flaw CVE-2026-45659 Across Server Versions
Microsoft has rolled out updates to fix a remote code execution vulnerability impacting SharePoint that could be exploited by bad actors in attacks without requiring…
7-Eleven data breach exposes personal information of 185,000 people
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according…
CISA orders feds to patch actively exploited Drupal vulnerability
CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS)…
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the…
Update #1: Severe security vulnerabilities in Cisco Adaptive Security Appliance – actively exploited – updates available
26 September 2025 Description: Cisco has published information about an attack campaign that has presumably been running for several months. As part of this campaign, attackers who already…
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV)…
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the…
Verizon DBIR: Healthcare Fends Off Increased Social Engineering Attacks
Ransomware and vendor breaches persist, but the 2026 Data Breach Investigations Report (DBIR) highlights how evolving social engineering tactics make the sector more vulnerable.
Trend Micro warns of Apex One zero-day exploited in the wild
Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. […]
Google accidentally exposed details of unfixed Chromium flaw
Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background even when the browser is closed, allowing…
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender have come under active exploitation in the wild. The former, tracked as…
Microsoft warns of new Defender zero-days exploited in attacks
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. […]
Critical security vulnerability in Drupal Core – updates available
20 May 2026 Description: Drupal Core contains an SQL injection vulnerability in the database abstraction API. Specially crafted requests can lead to arbitrary SQL injections. The vulnerability is exclusively…
Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks
Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution,…
Processes and Culture Top Reasons Behind Data Breaches
Government leaders revealed that, in spite of state laws meant to improve cyber hygiene, an analysis of incidents showed issues persist and visibility falls short.
GitHub Confirms Breach, 4K Internal Repos Stolen
Open source software giant GitHub confirmed a data breach this week involving the theft of thousands of repos. One threat actor — TeamPCP — took…
Hackers bypass SonicWall VPN MFA due to incomplete patching
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. […]
Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company’s Artifact Signing system to deliver malicious code and conduct ransomware and…
Grafana breach caused by missed token rotation after TanStack attack
The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack last…
Microsoft Releases Mitigation for YellowKey BitLocker Bypass CVE-2026-45585 Exploit
Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week. The zero-day flaw, now tracked as…
Microsoft shares mitigation for YellowKey Windows zero-day
Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives. […]
CISA warns of cyberattacks targeting fuel tank monitoring systems
CISA, the FBI, the NSA, the Department of Energy, and other US government partners are warning that hackers are targeting internet-exposed automatic tank gauge (ATG)…
What 345 Days of Untested Exposure Looks Like at a Bank
A two-week penetration test can leave roughly 345 days of real-world exposure unvalidated. Sprocket Security explores why continuous testing is becoming critical as attack surfaces…
CISA warns of active attacks exploiting Android, Linux bugs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are exploiting vulnerabilities in the Linux kernel and Android operating system. […]
New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare
Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability…
Unpatched Windows Search URI Vulnerability Lets Attackers Steal NTLMv2 Hashes
Cybersecurity researchers have disclosed details of an unpatched issue that could be exploited to disclose a user’s NTLMv2 hash to the attacker. Like in the…
Burst Statistics: attacks on critical flaw in popular WordPress plugin
Attackers are abusing a critical flaw in the WordPress plugin Burst Statistics. It allows instances to be taken over.
Version 1.0: Microsoft Windows IKE – Critical vulnerability endangers Windows VPN servers
Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV)…
Pakistan Spies on Afghan Finance Ministry With Xeno RAT
Despite broadly connected digital infrastructure, standard fare TTPs are enough to cause trouble for Afghanistan’s porous cybersecurity.
ISC Stormcast For Thursday, June 4th, 2026 https://isc.sans.edu/podcastdetail/9958, (Thu, Jun 4th)
Digital Fatigue: Why we should long for less smart watches
Step-counter tyranny and faulty stress scores on the wrist: why giving up the smartwatch is not a step backwards but an opportunity
IBAN revealed in chat: home contents insurance with cyber protection does not pay
Almost 2000 euros lost to an online scam – but the home contents insurance does not pay despite its cyber protection module.
Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
A disabled security setting meant to protect authentication across Android versions of key apps like Word, PowerPoint, and Excel paved the way for attackers to…
Cyber Insurance Rates Are Dropping, but Exclusions Widen
Cyber insurance coverage is slowly changing, and some policies may not provide coverage for social engineering attacks like ClickFix.
Tropical Blend: Cyber & Politics Ramp Up Across Latin America
China-linked espionage groups have attacked at least a dozen nations in the region, gathering information on maritime shipping, oil production, and other geopolitical interests.
Attackers Use AI to Automate EDR Evasion Testing
Python scripts were used to test malware against endpoint detection and response agents from Sophos, CrowdStrike, and Windows Defender.
Autonomous AI Tool Finds 2-Year-Old RCE Flaw in Redis (CVE-2026-23479)
Redis has patched a use-after-free in its blocking-client code that lets an authenticated user run arbitrary OS commands on the machine hosting the database. The…
Microsoft 365 Android Apps Let Any App Steal Account Tokens via Leftover Debug Flag
A development flag left switched on in production builds of several Microsoft 365 Android apps disabled the check that limits account-token sharing to trusted Microsoft…
Google DoubleClick Abused in New Malspam Campaign to Deliver DesckVB RAT
Cybersecurity researchers have flagged a new malspam campaign that makes use of Google’s DoubleClick domain as a way to evade detection and ultimately deliver a…
WhatsApp, Slack Notifications Could Hijack Google Gemini on Android
A single poisoned notification from WhatsApp, Slack, SMS, Signal, Instagram, or Messenger could have hijacked Google Gemini’s voice assistant on Android and made it open…
New 'HTTP/2 Bomb' DoS attack crashes web servers in under a minute
A new denial-of-service (DoS) attack dubbed HTTP/2 Bomb can be launched from a single machine to take down web servers within seconds. […]
The U.S. sanctions Nobitex crypto exchange used by ransomware
The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran’s largest cryptocurrency exchange, for facilitating payments related to terrorist activities.…
Chinese hackers use new Atlas RAT malware in European cyberattacks
A Chinese-speaking cybercrime group has expanded its targeting to the European space, deploying previously undocumented malware and the Atlas backdoor. […]
Global Stock Exchange Hit by Monthslong Email Campaign
A threat actor got a near-continuous view into an influential finance executive’s email inbox, thanks to clever use of legitimate, native Windows tools.
Malicious Notifications Could Trick Google Gemini Users
A prompt injection flaw in Google Gemini’s voice assistant let attackers hide malicious commands in notifications, enabling social engineering and more.
Continuing Scans for swagger.json, (Wed, Jun 3rd)
Enterprise applications often still use complex standards like SOAP for web services. The big advantage of SOAP is its tight and extensive standards, which enable…
Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)
The Fragmented State of Modern Enterprise Identity: Enterprise IAM is approaching a breaking point. As organizations scale, identity becomes increasingly fragmented across thousands of applications,…
One-Click GitHub Dev Attack Lets Attackers Steal Full GitHub OAuth Tokens
Cybersecurity researchers have disclosed a one-click attack via Microsoft Visual Studio Code (VS Code) that makes it possible to steal a user’s GitHub token. "Just…
Microsoft's "Project Solara": The vision of agent-centric hardware
The US company presents new concepts for how it envisions future user interfaces
The lord of fairy tales? Elon Musk's visions in a reality check
From self-driving cars to a city on Mars: The New York Times has dissected 602 promises made by Elon Musk. The result is sobering
Palantir without the black box: Neo4j announces open alternative
The merger of the data analytics platform Neo4j and GraphAware's police software Hume is intended to produce an open alternative to Palantir.
Federal Commissioner: Freedom of information should be enshrined in the Basic Law
In addition to a transparency law, the right to government information needs constitutional protection, Louisa Specht-Riemenschneider demands.
Attackers can cripple SolarWinds Web Help Desk
Several security vulnerabilities put SolarWinds Web Help Desk at risk. A security patch is available.
Joint security advisory (BfV and BSI) – Reconnaissance of poorly protected PV systems by state cyber actors
Fitness fakes: social media ads lead to fraudulent sports nutrition shops
They help themselves to graphics and product photos from well-known brand shops for sports nutrition. From these they build visually appealing shops and lure their victims with ads on social media portals…
AI Used to Decrypt Medieval Ciphers
Researchers are using machine learning algorithms to decrypt historical pencil-and-paper ciphers.
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners Spread via Pirated Content
Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems. The Minecraft-focused malware-as-a-service…
Google adds Android protection against AI deepfake scam calls
Google is introducing a new Android security feature that will detect and flag phone calls in which scammers use artificial intelligence to impersonate a user’s…
Police dismantles 9 crime groups in illegal streaming crackdown
European and international law enforcement agencies have dismantled nine organized crime groups and arrested 29 suspects in a major crackdown on illegal streaming operations. […]
PlayStation on a high: "Lara Croft", "Wolverine", "Onimusha" and a new "God of War"
Tuesday evening's State of Play was a fireworks display of new announcements, but also the announcement of a crazy gaming autumn
More than 100 NGOs up in arms over use of AI age detection on underage asylum seekers
The human rights organisations point out, for example, that the trauma of fleeing can profoundly change a child's face
TU professor: "Significantly more robotics in everyday life" in the coming years
Robotics industry meets in Vienna: humanoid robots in focus
EU Parliament says goodbye to Google as default search engine
The European Qwant is to be used instead. At the same time, the AI flood is also driving more and more users to the Google alternative DuckDuckGo
Anthropic's AI model Mythos: access to be expanded significantly
In "Project Glasswing", those responsible for security-relevant software may use the Mythos AI to search for vulnerabilities. Now in Germany too.
Linux App Summit 2026: gathering of the Linux desktop avant-garde
At Linux App Summit 2026, the Linux desktop community discussed how to make Linux systems more secure, more robust and more convenient.
MS Build 2026: Windows to become more secure
Alongside the AI additions for developers, Microsoft is also bringing improvements for Windows users, for example in security.
Security mechanisms in IBM WebSphere Application Server can be bypassed
Important security updates have been released for IBM WebSphere Application Server and Business Automation Workflow.
Version 1.0: F5 BIG-IP – Active exploitation of a vulnerability in Access Policy Manager
Compromised axios npm packages spread malware
31 March 2026 Description: The widely used JavaScript library axios (HTTP client with over 300 million weekly downloads on npm) was abused as an attack vector through compromised package versions.…
ISC Stormcast For Wednesday, June 3rd, 2026 https://isc.sans.edu/podcastdetail/9956, (Wed, Jun 3rd)
Over 116,000 Minecraft systems infected in WeedHack malware campaign
A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. […]
USA sanctions largest Iranian crypto exchange
Hundreds of millions of dollars are said to have been processed through the platform for the Iranian central bank and the Islamic Revolutionary Guard Corps
Next race: Microsoft unveils new quantum chip Majorana 2
However, the existence of the Majorana particles used is not considered by scientists to have been proven beyond doubt
The beginning of the AI agent era may be the end of the PC
The personal computer as one's own IT realm fits less and less into many corporations' vision of the future
Android: Google simplifies secure transfer of passkeys and passwords
With the June update of Play system services for Android, users can now securely exchange passwords and passkeys between different password managers.
Securing AI Agents Before They Go Rogue Is Next to Impossible
High-autonomy agents with broad permissions and unfettered access are a recipe for disaster, and enterprises need to act now before they become the next horror…
China Uses Dual-Method Cyberattack on Czech Orgs
China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil malware.
DriveSurge Hijacks Thousands of Sites for ClickFix, FakeUpdate Attacks
A sneaky, wide-scale IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones that deliver malware.