ShinyHunters Uses Oracle Zero-Day to Rampage Higher Ed
A major bug in Oracle’s ERP software disproportionately affected American universities, and hackers have capitalized by stealing gobs of data.
Maine disables data breach notification portal after fake disclosures
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state’s website, prompting a review of procedures…
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code execution. LangGraph…
CISA orders feds to patch actively exploited Ivanti flaw by Sunday
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch an actively exploited Ivanti Sentry flaw within three days, as mandated by…
Pharma giant Novo Nordisk discloses breach of clinical trials data
Danish pharmaceutical giant Novo Nordisk, the world’s largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. […]
Oracle mitigates PeopleSoft zero-day exploited in data theft attacks
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter…
Maine breach portal abused to publish fake data breach disclosures
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine’s official breach portal and publicly posted before their legitimacy could be verified,…
ShinyHunters Exploits Oracle PeopleSoft Zero-Day (CVE-2026-35273) to Breach Universities
The ShinyHunters extortion crew exploited an unpatched flaw in Oracle PeopleSoft to break into enterprise systems, steal data, and demand payment to keep it private.…
Coupang hit with record $409 million data breach fine in Korea
The Personal Information Protection Commission (PIPC), South Korea’s data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following…
Nottingham University data breach affects over 450,000 students
The University of Nottingham confirmed on Wednesday that a hacking group gained access to its student records system in a breach affecting both current students…
Microsoft patches Exchange Server zero-day exploited in attacks
Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook…
Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows
The anonymous security researcher going by the name Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept (PoC) exploit for yet another Microsoft Defender zero-day named…
Microsoft Patches Record 206 Flaws, Including Three Zero-Days and Critical RCE Bugs
Microsoft on Tuesday released fixes for a record 206 security vulnerabilities impacting its software portfolio, including three flaws that have been publicly disclosed at the…
Microsoft patches YellowKey, GreenPlasma, MiniPlasma zero-days
On Tuesday, Microsoft patched two zero-day vulnerabilities that let attackers gain SYSTEM privileges on fully patched Windows systems, and a third one that grants access…
Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS
Cybersecurity researchers have flagged half a dozen vulnerabilities in protobuf.js, a JavaScript and TypeScript implementation of Protocol Buffers (Protobuf), that, if successfully exploited, could result…
Veeam Backup & Replication RCE Flaw Lets Domain Users Run Remote Code
Veeam has released security patches to address a critical flaw in its Backup & Replication software that could result in remote code execution. Tracked as…
Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild. The high-severity vulnerability, tracked as…
New Veeam vulnerability exposes backup servers to RCE attacks
Veeam has released security updates to patch a critical Backup & Replication security flaw that can be exploited to gain remote code execution (RCE) on…
Microsoft June 2026 Patch Tuesday fixes 3 zero-day, 200 flaws
Today is Microsoft’s June 2026 Patch Tuesday, with security updates for 200 flaws and three publicly disclosed zero-day vulnerabilities. […]
Google patches new Chrome zero-day flaw exploited in the wild
Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the fifth such flaw patched since the…
CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
CISA has ordered U.S. government agencies to secure their Check Point Remote Access VPN and Mobile Access deployments against a critical vulnerability exploited in zero-day…
Version 1.0: Check Point Remote Access VPN and Mobile Access – Actively Exploited Vulnerability Allows VPN Sessions to Be Established Without Authentication
Check Point VPN Flaw Exploited Since Early May
A newly discovered, critical zero-day vulnerability is under attack; a Qilin ransomware affiliate has been blamed for at least one incident.
SoFi confirms third-party data breach at Hong Kong subsidiary
SoFi Hong Kong is warning that it suffered a data breach after hackers gained access to a database at a third-party vendor containing customer information.…
⚡ Weekly Recap: Instagram Account Hacks, Android Zero-Day, GitHub Worm and More
Monday again. The weekend was meant to be quiet. It wasn’t. Last week had poisoned packages, a broken AI helper, and a worm tearing through…
Check Point links VPN zero-day attacks to Qilin ransomware gang
Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited…
Gogs patches critical zero-day enabling remote code execution
Gogs has patched a critical security zero-day flaw that can allow attackers to compromise Internet-facing instances and access any repositories (including private ones). […]
Oxford University discloses data breach after careers platform hack
The University of Oxford disclosed a new data breach last week after being informed by its third-party provider, Group GTI, that its CareerConnect career services…
Update #1: Severe Vulnerabilities in Cisco Adaptive Security Appliance – Actively Exploited – Updates Available
26 September 2025 Description: Cisco has published information about an attack campaign that has presumably been running for several months. As part of this campaign, attackers who had already…
AI Agent Uncovers 21 Zero-Days in FFmpeg; Chrome Patches Record 429 Bugs
Two things landed within days of each other this week. A security startup reported 21 previously unknown vulnerabilities in FFmpeg, the media library inside almost…
CISA Adds Actively Exploited SolarWinds Serv-U DoS Flaw to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting SolarWinds Serv-U multi-protocol file server software to its Known Exploited…
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a CVSS…
Hackers Exploit Critical Everest Forms Pro WordPress Plugin Flaw to Take Over Sites
Threat actors are actively exploiting a critical security flaw in Everest Forms Pro, a WordPress plugin with about 4,000 active installations, to execute arbitrary code,…
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation.…
Critical Vulnerability in Drupal Core – Updates Available
20 May 2026 Description: Drupal Core contains an SQL injection vulnerability in the database abstraction API. Specially crafted requests can lead to arbitrary SQL injections. The vulnerability is exclusively…
DentaQuest data breach exposed info of 2.6 million accounts
A data breach at the dental benefits administrator DentaQuest has reportedly exposed the sensitive data of 2.6 million accounts. […]
Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and “patch everything in time” stopped working years ago. Stop betting…
VS Code zero-day lets hackers steal GitHub tokens in one click
A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by…
Acer working to patch max severity zero-days in Wave 7 routers
Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. […]
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in…
AI-built ransomware toolkit automates EDR evasion, AD discovery
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. […]
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now…
Microsoft Threatening Security Researcher
An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has…
Google fixes one actively exploited Android zero-day, 124 flaws
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. […]
Microsoft’s Zero-Day Legal Threats Spark Backlash
After a disgruntled security researcher published several zero-day exploits in recent weeks, Microsoft seemingly indicated criminal charges were in order.
Code Execution Possible: Critical Windows Server Flaw Is Being Actively Exploited
The flaw in Windows Netlogon was fixed in the large May patch package; attackers are now exploiting it. Admins should patch urgently.
Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on…
Version 1.0: cPanel and WHM – Actively Exploited Vulnerability Allows Authentication Bypass
Charter Communications data breach affects 4.9 million accounts
The ShinyHunters extortion gang stole personal information from 4.9 million accounts after hacking the U.S. telecom giant Charter Communications in early April, according to data…
Friday Squid Blogging: Squid-Inspired Fluid Pump
This fluid pump was inspired by the way squids propel themselves through the water. As usual, you can also use this squid post to talk…
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login…
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google on Friday said it’s pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send…
Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer…
phpBB forum fixes auth bypass bug lurking for a decade
A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. […]
YouTube Premium Is Getting Considerably More Expensive
The subscription price for individuals rises by two euros per month, and for families by six euros. The prices also apply to existing customers
Claude Fable 5 Doesn’t Change the Mythos Security Story
Stay cool: Mythos 5 is an upgrade over Mythos Preview while Fable 5 is Mythos "made safe for general use," Anthropic explained.
ISC Stormcast For Friday, June 12th, 2026 https://isc.sans.edu/podcastdetail/9970, (Fri, Jun 12th)
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code…
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose early signals tied to…
Over 400 Arch Linux packages compromised to push rootkit, infostealer
More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. […]
Ukrainian national pleads guilty to role in Conti ransomware operation
A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. […]
Outage at Facebook Parent Meta
Users reported problems reaching Facebook and Instagram, among other services. Meta says it is working on a fix
Pokémon Go: Player Data Is Being Used to Navigate Military Drones
Players were asked to take 360-degree recordings of their surroundings, even inside their homes. The data ended up with a company that works for the US military
Inflatable Elon Musk in Times Square Is a Reminder of the Hot Air in the AI Bubble
A protest in New York reminds investors of the deepfake child abuse imagery produced by Musk’s AI tool Grok
Bernie Sanders’ AI Sovereign Wealth Fund Plan
Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future…
Europol Disrupts AudiA6 Crypto Laundering Service Used by Ransomware Gangs
Authorities in Europe have disrupted AudiA6, a cryptocurrency laundering service used by ransomware gangs and cybercriminal networks. Europol, in a statement issued Thursday, said the…
INTERPOL Operation Takes Down Sniper Dz Phishing Platform, Arrests Administrator
An INTERPOL-led operation last month resulted in the disruption of Sniper Dz, a decade-long phishing-as-a-service (PhaaS) platform, Group-IB said Thursday. The effort, codenamed Operation Ramz,…
Rethinking MDR as Attackers and Defenders Embrace AI
For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn’t staff around the clock, couldn’t…
Over 73,000 French govt employees affected in Tchap messenger breach
The French government revealed that a recent breach of its Tchap encrypted messaging platform affects the accounts of over 73,000 employees in the French public sector. […]
Microsoft fixes Windows update failures linked to WUSA installer
Microsoft has fixed a known issue that caused Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA)…
IPOs, Deals and Partnerships: The AI Money Carousel Keeps Turning
SpaceX and xAI are going public, and OpenAI and Anthropic want to follow. Google gets money from Apple and hands it on again to Elon Musk…
Some German Companies See AI as a Substitute for a University Degree
Ifo survey: 20 percent of companies that use artificial intelligence consider it easy or very easy to replace graduates with less-qualified employees
USA: Innocent Man Arrested Because AI Deems Him “93 Percent” Likely to Be the Perpetrator
A 52-year-old man in Florida was suspected of attempted child abduction. The police officers believed the AI and ignored all evidence to the contrary
Analysis Confirms: The Trump Phone Is a Gold-Painted HTC Device
iFixit took apart the device once advertised with the promise “Made in USA” and found a China-made offshoot of the HTC U24 Pro
iPhone Theft Crisis: Apple Works With London Police
Phones are increasingly being snatched while in use so that they are still unlocked. In London there is now a project with Apple to counter this.
Fable 5: Anthropic Stops Covert Interventions
After criticism of secretly manipulated responses, Anthropic is backpedaling: Fable 5’s guardrails are becoming visible – at the cost of more false alarms.
Wave of Attacks on Arch Linux: Hundreds of Package Descriptions With Malware in the AUR
Arch Linux is fighting back against a wave of attacks that has infected package descriptions in the unofficial Arch User Repository with malware en masse.
Phishing Attack Volume Down 20%, but Risk Still Rising
Hackers are valuing quality over quantity, using AI to upgrade their phishing attacks rather than multiply them.
Japanese energy firm loses drive with data of 10.9 million clients
Kyushu Electric Power Co., Inc. has disclosed a physical security incident that affects private data of more than 10 million customers. […]
Apple vs. Google: When Competitors Become Close Allies
The two companies now pull in the same direction both strategically and politically. The AI deal around Siri and Gemini is the next big…
Cybercrime: Crypto Mixer “AudiA6” Shut Down, Two People Responsible Arrested
Law enforcement authorities have arrested two suspected operators of the crypto mixer “AudiA6” in Georgia and shut down several services.
New Attacks Trick OpenClaw AI Agent Into Running Code and Leaking Secrets
Two security teams have shown, in separate research published this week, that OpenClaw, the popular self-hosted AI agent, can be driven to run attacker-controlled code…
Segmentation Works for OT If Operators Are Paying Attention
Operational technology security remains as difficult as ever, with even the best practice recommendation falling short.
ThreatsDay Bulletin: Worm Code Leaked, AI Agent Phished, Claude Code Patch + 28 New Stories
It’s been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there’s a supply chain…
Cybersecurity Stars Awards 2026: Winners Announced Across 95 Categories
Most good security work is invisible by design. Today is the exception. The 2026 Cybersecurity Stars Awards winners are announced across 95 subcategories in four…
The Gentlemen Ransomware Claims 478 Victims, Can Spread Like a Worm
A new analysis of The Gentlemen operation has revealed that the financially motivated threat group initially operated as an affiliate responsible for conducting double extortion…
Why AI-driven threats are exposing the limits of MSP security stacks
AI-driven attacks are exposing the limits of fragmented MSP security stacks and slow response workflows. Kaseya breaks down why integrated security, automation, and recovery are…
Authorities dismantle ‘AudiA6’ ransomware crypto-laundering service
Law enforcement has dismantled the “AudiA6” cryptocurrency service allegedly used by ransomware actors and other cybercriminals to launder more than $380 million. […]
Xbox Cuts Around 1,000 Jobs and Plans to Close Game Studios
The Xbox chief blames rising hardware prices for the crisis. Critics accuse management of hypocrisy
OpenAI and Anthropic Are at War and Nerves Are Frayed
A price war for market share, stressed executives and embellished balance sheets: ahead of their planned IPOs, the AI giants are throwing their elbows
A First: Autonomous Sea Drone Rescues Downed Apache Pilots
After an Apache helicopter was hit by a cheap Shahed drone, an unmanned surface vessel tracked down the two pilots and took them on board
FreeBSD: Privilege Escalation Flaw With a Tongue-in-Cheek Codename
IT researchers have also found a security vulnerability in FreeBSD that allows privilege escalation. Name: “Bumsrakete[tm]”.
Fraudulent Job Offers: How Hair Ties, Ballpoint Pens and the Like Lure Victims Into the Trap
The scam is not new, but the disguise is. Ads for simple home-office work with good pay are meant to spark interest. After registration on a platform…
Enhanced License Plate Tracking
The surveillance company Leonardo wants more data: A surveillance company plans to add sensors to automatic license plate readers (ALPRs) that would mean the devices,…
GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks
GitHub has announced what it said are “breaking changes” coming to npm version 12, one of which turns off install scripts by default to combat…
OceanLotus Hits Vietnam Investors With SPECTRALVIPER in FireAnt Attack
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic entities and stock investors with a backdoor known…
AI Broke Vulnerability Management. That’s Why CISOs Are Moving Budget to BAS.
For thirty years, vulnerability management ran on a buffer: the months between when a vulnerability was found and when someone could figure out how to…
Microsoft fixes BitLocker recovery bug on Windows Server 2025
Microsoft has resolved a known issue causing some Windows Server 2025 devices to boot into BitLocker recovery after installing the April 2026 security update. […]
Anthropic CEO: Governments Should Be Able to Stop Risky AI
In areas such as cybersecurity, bioweapons and possible loss of control over the systems