Sieben Anzeichen dafür, dass Ihr Cybersecurity-Framework überarbeitet werden muss
CSO Online 30.12.2025 04:00
Cybersecurity ist kein Nice-to-have, sondern ein Muss.
Cybersicherheits-Frameworks sind die Richtlinien, mit denen sich Unternehmen vor Cyberangriffen schützen. Ein typisches Framework beschreibt die notwendigen Schritte, um
(g+) Security 2026: Was Firmen aus den Cyberattacken 2025 lernen sollten
Golem 29.12.2025 12:30
Ein Jahresrückblick auf die größten Cyberangriffe und was sie für das kommende Jahr bedeuten. Eine Analyse von Steffen Zahn (Security, Wirtschaft)
React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web
CSO Online 29.12.2025 10:58
The React 19 library for building application interfaces was hit with a remote code vulnerability, React2Shell, about a month ago. However, as researchers delve deeper into the bug, the larger picture gradually unravels.
The vulnerability enables unauthenticated remote code execution through React Server Components, allowing attackers to execute arbitrary code on affected servers via a crafted request. In other words, a foundational web framework feature quietly became an initial access vector.
MongoDB Vulnerability CVE-2025-14847 Under Active Exploitation Worldwide
The Hacker News 29.12.2025 09:46
A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world.
The vulnerability in question is CVE-2025-14847 (CVSS score: 8.7), which allows an unauthenticated attacker to remotely leak sensitive data from the MongoDB server memory. It has been codenamed MongoBleed.
"A flaw