Security RSS

Heise Security News (alert)

• Warten auf Sicherheitspatch: Self-hosted-Git-Service Gogs ist verwundbar (29.05.2026 08:58)
• Oracle CSPU: 35 Sicherheitsupdates im Mai (29.05.2026 07:51)
• Chrome-Update schließt 151 Sicherheitslecks – davon 22 kritische (29.05.2026 06:07)
• Sicherheitsupdate: Veeam Backup & Replication unter Linux und Windows angreifbar (28.05.2026 14:55)
• Warnung vor Malware aufgrund von Lieferkettenangriffen (28.05.2026 08:44)
• IBM-Software wie HTTP Server ist für DoS- und Schadcode-Attacken anfällig (28.05.2026 08:03)

CyberSecurityNews (The Hacker News)

• PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation (30.05.2026 06:41)
• ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface (29.05.2026 18:07)
• Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit (29.05.2026 14:39)
• New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks (29.05.2026 11:31)
• What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks (29.05.2026 10:30)
• Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets (29.05.2026 09:11)
• Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels (29.05.2026 05:57)
• Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code (28.05.2026 17:24)
• Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer (28.05.2026 15:26)
• Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal (28.05.2026 13:53)
• ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More (28.05.2026 13:33)
• New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users" (28.05.2026 11:30)