Seite wählen

10.02.2026

9

Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges

CSO Online 10.02.2026 03:19
When LayerX Security published a report on Monday describing what it called “a critical zero-click RCE vulnerability in [Anthropic’s] Claude Desktop Extensions (DXT) that allows a malicious Google Calendar invite to silently compromise an entire system,” analysts, consultants, security leaders, and even Anthropic didn’t dispute the facts. 
But the revelation did reignite the debate about whether it is the responsibility of AI vendors to ship buttoned-down secure products, or if it’s the CISOs’ responsibility to change settings to fit their business environment.

9

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

The Hacker News 09.02.2026 14:42
Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move laterally across the organization's network to other high-value assets.
That said, the Microsoft Defender Security Research Team said it's not clear whether the activity weaponized recently

9

Schadcode-Lücke in FortiClient EMS kann PCs kompromittieren

Heise Security 09.02.2026 13:29
Ein wichtiges Update schließt eine kritische Sicherheitslücke in FortiClient Endpoint Management Server (EMS).

9

Gartner-Prognose: Die sechs wichtigsten Cybersicherheits-Trends für 2026

CSO Online 09.02.2026 09:49
Lesen Sie, mit welchen Cybersecurity-Trends sich Unternehmen in diesem Jahr beschäftigen sollten.
Auch im Jahr 2026 bleibt die Cybersicherheitslage angespannt. Doch was sind die wichtigsten Themen, Risiken und Chancen, mit denen sich Security-Entscheider aktuell befassen sollten?

9

Datenabfluss vermutet: Cyberangriff trifft EU-Kommission

Golem 09.02.2026 08:04
Hackern ist ein Cyberangriff auf die EU-Kommission gelungen. Angriffspunkt war ein System zur Verwaltung mobiler Endgeräte – vermutlich von Ivanti. (Cybercrime, Cyberwar)

9

BeyondTrust Fixes Critical Pre-Auth RCE Vulnerability in Remote Support and PRA

The Hacker News 09.02.2026 08:03
BeyondTrust has released updates to address a critical security flaw impacting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could result in remote code execution.
"BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability," the company