Datenschutz und -sicherung sind vor allem im Zuge der aktuellen Entwicklungen und neuen Gefahren aus dem Cyberraum essenziell für Unternehmen. Es gilt mehr denn je DSGVO-Vorschriften einzuhalten und damit Kundenvertrauen aufrechtzuerhalten und zu gewinnen. Dieser Artikel wurde indexiert von Newsfeed…
23andme: Pleite von Gentest-Anbieter wirft Frage nach Datenschutz auf
Was passiert mit den Nutzerdaten, wenn ein Gentest-Unternehmen pleitegeht? 23andme hatte 15 Millionen Nutzer, die ihre Daten besser löschen lassen sollten. (Datenschutz, Verbraucherschutz) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: 23andme: Pleite von Gentest-Anbieter…
Cloudflare Unveils AI Labyrinth a New Approach to Exhaust AI Crawlers and Other Bots
Cloudflare has launched AI Labyrinth, an innovative tool designed to combat unauthorized web-scraping bots by redirecting them into an endless maze of AI-generated content. Introduced on March 19, 2025, this free, opt-in feature marks a significant shift in bot mitigation…
WordPress Plugin Vulnerability Exposes 200k+ Sites to Code Execution Attacks
A critical vulnerability in WP Ghost, a popular WordPress security plugin with over 200,000 active installations. The high-severity flaw, tracked as CVE-2025-26909 with a CVSS score of 9.6, allows unauthenticated attackers to exploit a Local File Inclusion (LFI) vulnerability that…
WordPress Plug-in Vulnerability Let Hackers Inject Malicious SQL Queries
A critical vulnerability in GamiPress, a popular WordPress plugin used for gamification and rewards systems on websites. The high-impact flaw, categorized as CVE-2024-13496 with a CVSS 3.1 score of 7.5, allowed unauthenticated attackers to inject malicious SQL queries that could…
FCC Conducting Investigation into Chinese Entities Placed on the Government’s Prohibited List
The Federal Communications Commission (FCC) has launched a sweeping investigation into nine Chinese technology and telecommunications companies that were previously placed on its Covered List, aiming to determine if these firms are evading U.S. restrictions. FCC Chairman Brendan Carr announced…
Clio – Real-Time Logging Tool With Locking, User Authentication, and Audit Trails
Clio has emerged as a revolutionary real-time logging solution developed by cybersecurity engineers at CyberLock Technologies in the evolving landscape of cybersecurity tools. Launched in January 2025, this sophisticated tool addresses critical gaps in traditional logging frameworks by providing comprehensive…
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently…
Privacy Aware Bots, (Mon, Mar 24th)
Staring long enough at honeypot logs, I am sure you will come across one or the other “oddity.” Something that at first does not make any sense, but then, in some way, does make sense. After looking at the Next.js…
23andMe’s genes not strong enough to avoid Chapter 11
CEO steps down after multiple failed attempts to take the DNA testing company private Beleaguered DNA testing biz 23andMe – hit by a massive cyber attack in 2023 – is filing for bankruptcy protection in the US following years of…
Webinar Tomorrow: Which Security Testing Approach is Right for You?
Understand whether BAS, Automated Penetration Testing, or the combined approach of Adversarial Exposure Validation (AEV) aligns best with your organization’s unique security needs. The post Webinar Tomorrow: Which Security Testing Approach is Right for You? appeared first on SecurityWeek. This…
Report: Fortune 500 employee-linked account exposure
A backbone of our economy, Fortune 500 companies employ more than 31 million people worldwide. According to data analyzed by the Enzoic research team, over the past three years of 2022, 2023, and 2024, more than three million employee-linked accounts…
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently…
IT Security News Hourly Summary 2025-03-24 15h : 14 posts
14 posts were published in the last hour 13:35 : Nur noch HTTPS erlaubt: Cloudflare blockiert unverschlüsselten HTTP-Traffic 13:34 : Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) 13:34 : ⚡ THN Weekly Recap: GitHub Supply Chain…
Nur noch HTTPS erlaubt: Cloudflare blockiert unverschlüsselten HTTP-Traffic
Den Start macht Cloudflare mit seiner eigenen API. Entwickler müssen ihre Anwendungen gegebenenfalls aktualisieren, um Ausfälle zu vermeiden. (HTTP, API) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Nur noch HTTPS erlaubt: Cloudflare blockiert unverschlüsselten…
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)
A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web pages they should no have access to (e.g., the web app’s admin panel). Vercel –…
⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More
A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently…
Android SafetyCore und Android System Key Verifier – sind diese Apps sicher? | Offizieller Blog von Kaspersky
Wie und warum Android SafetyCore Bilder scannt und wie man die App entfernt. Dieser Artikel wurde indexiert von Offizieller Blog von Kaspersky Lesen Sie den originalen Artikel: Android SafetyCore und Android System Key Verifier – sind diese Apps sicher? |…
[UPDATE] [hoch] GNU Emacs: Schwachstelle ermöglicht Codeausführung
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in GNU Emacs ausnutzen, um beliebigen Programmcode auszuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [hoch] GNU Emacs: Schwachstelle ermöglicht Codeausführung
[UPDATE] [mittel] Red Hat Enterprise Linux (python-tornado): Schwachstelle ermöglicht Denial of Service
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Angriff durchzuführen. Dieser Artikel wurde indexiert von BSI Warn- und Informationsdienst (WID): Schwachstellen-Informationen (Security Advisories) Lesen Sie den originalen Artikel: [UPDATE] [mittel]…
Key Cybersecurity Themes for 2025
Cyber threats are evolving faster than ever, and security leaders can’t afford to fall behind. That’s why we created the 2025 Fortra State of Cybersecurity Survey—to provide valuable insights that help SOCs,… The post Key Cybersecurity Themes for 2025 appeared first on…
CleanStack: Dual-Stack Solution to Defend Against Memory Corruption Attacks
CleanStack is a novel stack protection mechanism designed to combat memory corruption attacks, which have long been a significant threat to software systems. These attacks exploit vulnerabilities in low-level languages like C/C++ to execute arbitrary code or manipulate memory operations.…
Operation Red Card: Authorities Arrest 300+ Linked to Cyber Attacks
An INTERPOL-led operation, dubbed “Operation Red Card,” has resulted in the arrest of over 306 individuals suspected of involvement in various cyber crimes across seven African countries. This operation, conducted from November 2024 to February 2025, targeted mobile banking, investment,…
Getting to Know Julio Lemus
Julio, can you tell us a bit about yourself? My name is Julio Lemus and I’m from Guatemala, but am currently living in Panamá. I’m part of the Check Point team for LATAM, covering the territory of Panamá, Venezuela, and…