Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM Semeru Runtime ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel] IBM…
Microsoft Reduces Windows 11 24H2 Restore Point Retention from 90 to 60 Days
In a significant change for Windows 11 users, Microsoft has announced that, beginning with the June 2025 security update (KB5060842), system restore points in Windows 11 version 24H2 will now be retained for up to 60 days, down from the…
Steel Giant Nucor Suffers Cyberattack, IT Systems Breached
Nucor Corporation, the largest steel producer and recycler in North America, has confirmed it suffered a significant cybersecurity breach that disrupted operations across multiple facilities and led to the theft of limited company data. The incident, first disclosed in a…
Largest DDoS Attack to Date
It was a recently unimaginable 7.3 Tbps: The vast majority of the attack was delivered in the form of User Datagram Protocol packets. Legitimate UDP-based transmissions are used in especially time-sensitive communications, such as those for video playback, gaming applications,…
CoinMarketCap Doodle Image Vulnerability Triggered Malicious Code Through an API Call
CoinMarketCap, one of the world’s leading cryptocurrency data platforms, experienced a security vulnerability on June 20, 2025, when a doodle image on their homepage contained malicious code that triggered unauthorized API calls, resulting in unexpected pop-ups for users. The company’s…
Critical Meshtastic Vulnerability Let Attackers to Decrypt Private Messages
A critical security vulnerability has been discovered in Meshtastic firmware that could allow attackers to decrypt private messages sent between devices. The flaw, assigned a CVSS score of 9.5 out of 10, affects all versions above 2.5.0 and stems from…
Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777)
Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and NetScaler Gateway reminiscent of the infamous and widely exploited CitrixBleed flaw. The vulnerabilities have been privately disclosed and there is no indication that they are under active exploitation. Nevertheless,…
⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of…
Google Adds Multi-Layered Defenses to Secure GenAI from Prompt Injection Attacks
Google has revealed the various safety measures that are being incorporated into its generative artificial intelligence (AI) systems to mitigate emerging attack vectors like indirect prompt injections and improve the overall security posture for agentic AI systems. “Unlike direct prompt…
BSI: Menschen schützen sich immer weniger vor Cyberkriminalität
Cybersicherheitsmonitor 2025: Trotz hoher Bedrohungslage verwenden Menschen zum Schutz vor Cyberkriminalität weniger Maßnahmen als in den Vorjahren. Dieser Artikel wurde indexiert von IT-News Cybersicherheit – silicon.de Lesen Sie den originalen Artikel: BSI: Menschen schützen sich immer weniger vor Cyberkriminalität
Öffnen reicht: Winrar-Lücke lässt Angreifer Schadcode ausführen
Die neue Beta-Version von Winrar schließt eine gefährliche Sicherheitslücke. Angreifer können aus der Ferne Schadcode zur Ausführung bringen. (Sicherheitslücke, Virus) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Öffnen reicht: Winrar-Lücke lässt Angreifer Schadcode ausführen
Zyxel Devices Hit by Active Exploits Targeting CVE-2023-28771 Vulnerability
Zyxel users beware: A critical remote code execution flaw (CVE-2023-28771) in Zyxel devices is under active exploitation by a Mirai-like botnet. GreyNoise observed a surge on June 16, targeting devices globally. This article has been indexed from Hackread – Latest…
Hackers Allegedly Selling Intelbras Router 0-Day Exploit on Dark Web Forums
A threat actor has reportedly put up for sale a previously unknown, or “zero-day,” exploit targeting Intelbras routers on dark web forums, raising significant concerns among cybersecurity professionals and end users. The alleged exploit leverages an undisclosed vulnerability, potentially enabling…
⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of…
IT Security News Hourly Summary 2025-06-23 12h : 17 posts
17 posts were published in the last hour 10:4 : [NEU] [hoch] IBM Spectrum Protect: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen 10:4 : [NEU] [niedrig] Red Hat Enterprise Linux (mpfr): Schwachstelle ermöglicht Denial of Service 10:4 : [NEU] [mittel] Red Hat…
Packprogramm: Winrar-Schwachstelle ermöglicht Ausführung von Schadcode
Die neue Beta-Version von Winrar schließt eine gefährliche Sicherheitslücke. Angreifer können aus der Ferne Schadcode einschleusen und ausführen. (Sicherheitslücke, Virus) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Packprogramm: Winrar-Schwachstelle ermöglicht Ausführung von Schadcode
The best password manager for families in 2025: Expert tested and reviewed
The best password managers provide security, privacy, and ease of use for a reasonable price. I tested the best ones to help you find what’s best for your family. This article has been indexed from Latest stories for ZDNET in…
Taiwan Is Rushing to Make Its Own Drones Before It’s Too Late
Unmanned vehicles are increasingly becoming essential weapons of war. But with a potential conflict with China looming large, Taiwan is scrambling to build a domestic drone industry from scratch. This article has been indexed from Security Latest Read the original…
ConnectUnwise: Threat actors abuse ConnectWise as builder for signed malware
Since March 2025 there has been a noticeable increase in infections and fake applications using validly signed ConnectWise samples. We reveal how bad signing practices allow threat actors to abuse this legitimate software to build and distribute their own signed…
Windows Screencast Snipping Tool Allow Users to Export Captures as GIF
Microsoft has begun rolling out a significant update to the Windows Snipping Tool that enables users to export screen recordings as GIF files, marking a notable enhancement to the productivity toolkit available on Windows 11. The new functionality, designated as…
SparkKitty Attacks iOS and Android Devices in Wild Via App Store and Google Play
Cybersecurity researchers have uncovered a sophisticated new spyware campaign called SparkKitty that has successfully infiltrated both Apple’s App Store and Google Play Store, marking a significant escalation in mobile malware distribution through official channels. This Trojan spy represents the latest…
US Braces for Cyberattacks After Joining Israel-Iran War
Iranian hackers are expected to intensify cyberattacks against the US after the recent air strikes on Iran’s nuclear sites. The post US Braces for Cyberattacks After Joining Israel-Iran War appeared first on SecurityWeek. This article has been indexed from SecurityWeek…
Closing the Gap Between AI Ambition and Enterprise Reality
Even when infrastructure improves, enterprises still face a fundamental hurdle: AI systems don’t behave like traditional software. The post Closing the Gap Between AI Ambition and Enterprise Reality appeared first on Security Boulevard. This article has been indexed from Security…
⚡ Weekly Recap: Chrome 0-Day, 7.3 Tbps DDoS, MFA Bypass Tricks, Banking Trojan and More
Not every risk looks like an attack. Some problems start as small glitches, strange logs, or quiet delays that don’t seem urgent—until they are. What if your environment is already being tested, just not in ways you expected? Some of…