Seite wählen

17.07.2026

Sicherheitsforscher loben Samsung für den Umgang mit gemeldeten Schwachstellen

Heise Security 17.07.2026 03:04
Eine Sicherheitsfirma hat in vier Jahren 176 Lücken in vorinstallierten Samsung-Apps gemeldet. Samsung hat alle umgehend behoben. Die Experten sind begeistert.

n8n Token Exchange Flaw Could Let Attackers Log In as Users From Another Issuer

The Hacker News 16.07.2026 13:33
n8n, the workflow automation platform, handed out the wrong accounts at login. On Enterprise instances configured to trust more than one external token issuer, it matched an incoming JWT to a local user on the sub claim alone and ignored iss.

A valid token from issuer A carrying a sub that belongs to someone under issuer B logged you in as them. Their password never

CISA urges immediate SharePoint hardening as exploits mount

CSO Online 16.07.2026 12:06
The US Cybersecurity and Infrastructure Security Agency (CISA) has urged organizations to immediately secure Microsoft SharePoint deployments after warning that three vulnerabilities affecting the on-premises collaboration platform are being actively exploited.
A recent advisory from the federal cybersecurity watchdog asked administrators to patch vulnerable servers, review Microsoft’s mitigation guidance, and assume that internet-facing SharePoint instances remain attractive targets for attackers seeking an initial foothold into enterprise environments.

Have I Been Pwned: 821.100 Datensätze von Messgerätehersteller Fluke ergänzt

Heise Security 16.07.2026 09:25
Das Have-I-Been-Pwned-Projekt hat 821.100 Kontodaten des Messgeräteherstellers Fluke zur Datenhalde hinzugefügt.

Webkonferenztool Zoom: Kontoübernahme aus dem Netz möglich

Heise Security 16.07.2026 07:38
Zoom hat mehrere Sicherheitslücken in der Webkonferenzsoftware geschlossen. Sie ermöglichen etwa Kontoübernahme aus dem Netz.

Zoom Patches Critical Windows Flaw That Could Enable Account Takeover

The Hacker News 16.07.2026 07:22
Zoom has released security updates for a critical security flaw impacting Zoom Workplace for Windows that could facilitate account takeover.

The vulnerability, tracked as CVE-2026-53412 (CVSS score: 9.8), affects Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows.

"Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for