Russian APT group pivots to network edge device misconfigurations
CSO Online 16.12.2025 23:54
A Russian state-sponsored cyberespionage group has been targeting energy companies and critical infrastructure providers by exploiting misconfigurations in network-edge devices.
The group has been operating since at least 2021 and has exploited device misconfigurations before, as well as known vulnerabilities such as CVE-2022-26318 in WatchGuard Firebox and XTM appliances, CVE-2021-26084 and CVE-2023-22518 in Confluence, or CVE-2023-2753 in Veeam Backup.
RC4 in Active Directory: Microsoft replaces encryption that has been obsolete for years
Golem 16.12.2025 14:40
RC4 became public as early as 1994 and has been used for attacks on Active Directory networks ever since. That is set to change. (Microsoft, server applications)
Amazon Exposes Years-Long GRU Cyber Campaign Targeting Energy and Cloud Infrastructure
The Hacker News 16.12.2025 12:27
Amazon's threat intelligence team has disclosed details of a "years-long" Russian state-sponsored campaign that targeted Western critical infrastructure between 2021 and 2025.
Targets of the campaign included energy sector organizations across Western nations, critical infrastructure providers in North America and Europe, and entities with cloud-hosted network infrastructure. The activity has
Fortinet FortiGate Under Active Attack Through SAML SSO Authentication Bypass
The Hacker News 16.12.2025 10:58
Threat actors have begun to exploit two newly disclosed security flaws in Fortinet FortiGate devices, less than a week after public disclosure.
Cybersecurity company Arctic Wolf said it observed active intrusions involving malicious single sign-on (SSO) logins on FortiGate appliances on December 12, 2025. The attacks exploit two critical authentication bypasses (CVE-2025-59718 and CVE-2025-59719
Security vulnerabilities: HPE ProLiant servers with Intel QuickAssist are vulnerable
Heise Security 16.12.2025 09:59
Security patches close several vulnerabilities in HPE ProLiant. However, servers are only vulnerable under certain conditions.
Update now: Warning of attacks on Apple vulnerabilities and Gladinet
Heise Security 16.12.2025 07:43
CISA warns of ongoing attacks on vulnerabilities in Apple's iOS and macOS as well as in Gladinet CentreStack and Triofox.