29.10.2025

The Hacker News 28.10.2025 19:16
A group of academic researchers from Georgia Tech, Purdue University, and Synkhronix have developed a side-channel attack called TEE.Fail that allows for the extraction of secrets from the trusted execution environment (TEE) in a computer's main processor, including Intel's Software Guard eXtensions (SGX) and Trust Domain Extensions (TDX) and AMD's Secure Encrypted Virtualization with Secure

The Hacker News 28.10.2025 16:33
Cybersecurity researchers have disclosed details of a new Android banking trojan called Herodotus that has been observed in active campaigns targeting Italy and Brazil to conduct device takeover (DTO) attacks.
"Herodotus is designed to perform device takeover while making first attempts to mimic human behaviour and bypass behaviour biometrics detection," ThreatFabric said in a report shared with

Heise Security 28.10.2025 12:35
Das BSI hat eine Checkliste für Privatanwender veröffentlicht, die Hilfestellung zu Maßnahmen bei geknackten Zugängen liefert.

Heise Security 28.10.2025 10:26
Die Entwickler der Backuplösung Proxmox Backup Server haben Sicherheitslücken geschlossen. Bislang gibt es keine Berichte zu Attacken.

Heise Security 28.10.2025 09:20
Eine aktualisierte Docker-Desktop-Version schließt unter anderem eine DLL-Hijacking-Lücke im Windows-Installer.

The Hacker News 28.10.2025 08:22
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, according to new findings from Kaspersky.
The vulnerability in question is CVE-2025-2783 (CVSS score: 8.3), a case of sandbox escape which the company disclosed in March 2025 as having come under