The threat actor behind the exploitation of vulnerable Craft Content Management System (CMS) instances has shifted its tactics to target Magento CMS and misconfigured Docker instances. The activity has been…
Threat actors are piling on the zero-day vulnerabilities in SharePoint, including at least three Chinese nation-state cyber-espionage groups. – Read More
The operators of the popular and prolific malware wasted no time in regrouping after an FBI takedown in May, and they’re back to their old tricks. – Read More
How a new international standard is shaping the future of responsible AI development and deployment. – Read More
The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework called UI Automation (UIA) to harvest sensitive information. “The new…
US bleach and cleaning product giant Clorox has filed a $380 million lawsuit against IT services provider Cognizant, alleging the company’s helpdesk staff handed over network passwords to cybercriminals who…
The FBI, CISA, Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint cybersecurity advisory warning of an emerging ransomware…
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and…
Die Südwestdeutsche Medienholding (SWMH) wurde gehackt. Aller Verlagshäuser sind betroffen. MacroEcon – shutterstock.com Die Südwestdeutsche Medienholding (SWMH), zu der auch die “Süddeutsche Zeitung” gehört, ist eines der größten Verlagshäuser in…
Google has announced the launch of a new initiative called OSS Rebuild to bolster the security of the open-source package ecosystems and prevent software supply chain attacks. “As supply chain…
Model context protocol (MCP) is quickly growing in popularity as a means for enabling AI assistants to connect and communicate with a range of data sources, tools, and services that…
Microsoft hat drei chinesische Hackergruppen identifiziert, die für die Angriffe über die Sicherheitslücke in SharePoint verantwortlich sein sollen. FOTOGRIN – shutterstock.com Bei den aktuellen Cyberattacken auf zahlreiche Unternehmen und Behörden…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security flaws impacting SysAid IT support software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on July 22, 2025, added two Microsoft SharePoint flaws, CVE-2025-49704 and CVE-2025-49706, to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence…
Tools für Dynamic und Static Application Security Testing helfen Entwicklern, ihren Quellcode zu härten. Wir zeigen Ihnen die besten Tools zu diesem Zweck. Chim | shutterstock.com Die Softwarelieferkette – respektive…