Security RSS

Heise Security News (alert)

• Websites kompromittierbar: Lücken in WordPress-Plug-in WP Ultimate CSV Importer (01.04.2025 12:24)
• Reparierter Sicherheitspatch schließt Schadcode-Lücke in IBM App Connect (01.04.2025 09:47)
• IBM InfoSphere Information Server: Unbefugte Zugriffe möglich (31.03.2025 09:59)
• Sicherheitslücken Gitlab: Heruntergestufte Admins behalten weitreichende Rechte (28.03.2025 10:45)
• Storage-Appliances: Dell schließt unzählige Sicherheitslücken in Unity-Serien (28.03.2025 09:00)
• Firefox: Mozilla schließt kritische Sandbox-Lücke in Windows-Version (28.03.2025 06:42)

CyberSecurityNews (The Hacker News)

• Over 1,500 PostgreSQL Servers Compromised in Fileless Cryptocurrency Mining Campaign (01.04.2025 17:08)
• Enterprise Gmail Users Can Now Send End-to-End Encrypted Emails to Any Platform (01.04.2025 15:34)
• Lucid PhaaS Hits 169 Targets in 88 Countries Using iMessage and RCS Smishing (01.04.2025 14:18)
• Apple Backports Critical Fixes for 3 Recent 0-Days Impacting Older iOS and macOS Devices (01.04.2025 11:28)
• Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scan Campaign (01.04.2025 11:17)
• New Case Study: Global Retailer Overshares CSRF Tokens with Facebook (01.04.2025 11:03)
• China-Linked Earth Alux Uses VARGEIT and COBEACON in Multi-Stage Cyber Intrusions (01.04.2025 11:03)
• Apple Fined €150 Million by French Regulator Over Discriminatory ATT Consent Practices (01.04.2025 05:47)
• Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (31.03.2025 16:41)
• Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images (31.03.2025 12:04)
• ⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More (31.03.2025 11:25)
• 5 Impactful AWS Vulnerabilities You're Responsible For (31.03.2025 11:00)