31.12.2025

CSO Online 31.12.2025 04:00
Cybercrime hat sich zur organisierten Industrie mit Arbeitsteilung gewandelt.
DC Studio – Shutterstock.com

The Hacker News 30.12.2025 16:28
The Cyber Security Agency of Singapore (CSA) has issued a bulletin warning of a maximum-severity security flaw in SmarterTools SmarterMail email software that could be exploited to achieve remote code execution.
The vulnerability, tracked as CVE-2025-52691, carries a CVSS score of 10.0. It relates to a case of arbitrary file upload that could enable code execution without requiring any

Golem 30.12.2025 11:15
Xploras Smartwatches für Kinder sollen Eltern Sicherheit geben, doch Forscher haben schwere Lücken gefunden. Angreifbar waren über 1,5 Millionen Uhren. (Sicherheitslücke, GPS)

Heise Security 30.12.2025 08:12
Forscher konnten Nachrichten mitlesen, Standorte fälschen und beliebige Uhren übernehmen – demonstriert aus der Perspektive einer kinderfressenden Waldhexe.

CSO Online 30.12.2025 07:00
Every day has the potential to be a bad day for a CSO. However, the second Tuesday of each month – Patch Tuesday – is almost guaranteed to be one of those days, though with any luck it’s merely troublesome, not catastrophic.
In 2025, however, some of them gave CSOs heartburn: Microsoft issued mitigations for 1,246 CVEs, including 158 rated critical. Forty-one of them were zero days, and researchers at Tenable estimate that elevation of privilege vulnerabilities accounted for about 38.3% of all Patch Tuesday vulnerabilities in 2025, followed by remote code execution flaws at about 30%.