News archive

28.02.2026

Security hole could let hackers take over Juniper Networks PTX core routers

CSO Online 27.02.2026 21:36
Network admins with Juniper PTX series routers in their environments are being warned to patch immediately, because a newly-discovered critical vulnerability could lead to an unauthenticated threat actor running code with root privileges.
The hole is “especially dangerous, because these devices often sit in the middle of the network, not on the fringes,” said Piyush Sharma, CEO of Tuskira. “If an attacker gains control of a PTX, the impact is bigger than a single device compromise because it can become a traffic vantage point and a control point at the same time. This opens the door to the stealthy interception of data flows, controller redirected traffic, or easy pivots into adjacent networks.”

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

The Hacker News 27.02.2026 17:59
The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025.
Of these, 401 instances are located in the U.S., followed by 51 in Brazil, 43 in Canada, 40 in Germany, and 36 in France.
The non-profit entity said the compromises are likely

UK Vulnerability Monitoring Service Cuts Unresolved Security Flaws by 75%

Infosecurity Magazine 27.02.2026 11:45
The UK government says its new Vulnerability Monitoring Service has cut unresolved security flaws by 75% and reduced cyber-attack fix times from nearly two months to just over a week

Vulnerabilities: Attackers can crash IBM App Connect Enterprise

Heise Security 27.02.2026 08:22
Important security updates close several vulnerabilities in various IBM applications.

Ransomware groups switch to stealthy attacks and long-term access

CSO Online 27.02.2026 07:00
Ransomware attackers are switching tactics in favor of more stealthy infiltration, as the threat of public exposure of sensitive corporate data is becoming the main mechanism of extortion.
Picus Security’s annual red-teaming report shows attackers shifting away from loud disruption toward quiet, long-term access — or from “predatory” smash-and-grab tactics to “parasitic” silent residency.

Junos OS Evolved: Out-of-band update fixes code injection vulnerability

Heise Security 27.02.2026 06:49
Junos OS Evolved on Juniper Networks' PTX series has a critical vulnerability. An unscheduled update closes it.

27.02.2026

Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day

Infosecurity Magazine 26.02.2026 09:30
The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation

Supply-chain worm with its own MCP server spreads via GitHub

Heise Security 26.02.2026 08:38
New malware is circulating in the npm ecosystem that steals credentials and CI secrets and propagates on its own.

Vulnerability: Hackers have been infiltrating networks via Cisco systems for years

Golem 26.02.2026 07:59
A hacker group has been breaking into network infrastructure since 2023 through a vulnerability in Cisco systems. A patch has only now become available. (Vulnerability, Cisco)

Cisco: Attackers have been breaking into networks through a vulnerability for three years

Heise Security 26.02.2026 07:50
Attackers are exploiting a critical vulnerability in Cisco Catalyst SD-WAN Controller. Cisco is also patching further products such as Nexus 9000.

Automation tool n8n: Attackers can inject malicious code

Heise Security 26.02.2026 07:40
The automation tool n8n has eleven vulnerabilities. Three of them are rated as a critical risk. Admins should update quickly.

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

The Hacker News 26.02.2026 06:13
A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023.
The vulnerability, tracked as CVE-2026-20127 (CVSS score: 10.0), allows an unauthenticated remote attacker to bypass authentication and obtain

26.02.2026

Claude: AI chatbot used for cyberattack on Mexican government

Heise Security 25.02.2026 22:06
An unknown cybercriminal breaks into Mexican government agency networks using Anthropic's AI chatbot. This follows a worrying trend.

Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries

The Hacker News 25.02.2026 17:46
Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries.
"This prolific, elusive actor has a long history of targeting international governments and global telecommunications organizations across Africa, Asia, and the Americas,"

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

The Hacker News 25.02.2026 17:00
Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic's Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials.
"The vulnerabilities exploit various configuration mechanisms, including Hooks, Model Context Protocol (MCP) servers, and environment variables – executing

Various VMware products vulnerable through multiple security flaws

Heise Security 25.02.2026 13:50
VMware Cloud Foundation, among others, is vulnerable. Admins should install the available security updates.

Manager at defense contractor: 87 months in prison for selling zero-days

Heise Security 25.02.2026 13:33
Defense contractor L3Harris also collects zero-day exploits for selected governments. A manager sold such exploits to a Russian and must now go to prison.

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

The Hacker News 25.02.2026 12:43
Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET web application developers to steal sensitive data.
The campaign, discovered by Socket, exfiltrates ASP.NET Identity data, including user accounts, role assignments, and permission mappings, as well as manipulates authorization rules to create persistent backdoors in victim applications.

Trend Micro Apex One: Malware protection with critical vulnerabilities

Heise Security 25.02.2026 12:32
The developers have closed code injection vulnerabilities in Trend Micro's Apex One. IT managers should update promptly.

Patch now: More and more attacks on VMware instances observed

Golem 25.02.2026 11:50
Hackers have found a way to attack VMware instances through an old vulnerability. Indications of attacks are increasing. (Vulnerability, Virtualization)

Solarwinds Serv-U: Update fixes four critical vulnerabilities

Heise Security 25.02.2026 11:20
Solarwinds fixes four critical security holes with the current Serv-U update. Attackers can compromise affected systems.

Former Defense Contractor Boss Gets 7+ Years for Selling Zero Days

Infosecurity Magazine 25.02.2026 10:30
A former general manager of a US defense contractor has been sentenced after selling zero days to Russia

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

The Hacker News 25.02.2026 08:49
A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars.
Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025. In addition to the jail term, Williams

Malicious code vulnerabilities closed in Dell Repository Manager, Wyse Management Suite

Heise Security 25.02.2026 08:48
Dell's remote management tools Repository Manager and Wyse Management Suite are vulnerable. Security updates close several vulnerabilities.

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

The Hacker News 25.02.2026 07:04
SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution.
The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below –

CVE-2025-40538 – A broken access control vulnerability that allows an attacker to create a system admin user and execute arbitrary
