2026 – Seite 243 – Wolfinisoftware.de

📄

security

Attempts to Exploit Exposed „Vite“ Installs (CVE-2025-30208), (Thu, Apr 2nd)

von SANSISC • 02. April 2026

From its GitHub repo: „Vite (French word for „quick“, pronounced /vi?t/, like „veet“) is a new breed of frontend build tooling that significantly improves the frontend development experience“ [https://github.com/vitejs/vite].

Mehr lesen →

📄

soc

CVE-2026-5281: Chrome WebGPU Zero-Day Exploited In The Wild

von SOCRadar •

CVE-2026-5281: Chrome WebGPU Zero-Day Exploited In The Wild Google patched CVE-2026-5281, a high-severity use-after-free (CWE-416) vulnerability in Dawn, Chromium’s WebGPU implementation. The company has confirmed exploitation in the wild, and CISA added it to the Known Exploited Vulnerabilities (KEV) catalog with a remediation deadline for federal agencies. This post breaks down what CVE-2026-5281 is, who […]

Mehr lesen →

📄

security

Open-Source-CMS von Cloudflare: EmDash fordert WordPress heraus

von Heise Online •

EmDash ist ein neues Content-Management-System mit TypeScript- und Astro-Basis. Plug-ins sollen dort sicher innerhalb einer Sandbox laufen.

Mehr lesen →

📄

security

Bank Trojan ‚Casbaneiro‘ Worms Through Latin America

von Darkreading •

Augmented Marauder’s multipronged banking-Trojan cyber campaigns are targeting Spanish speakers, evading detection, and replicating rapidly.

Mehr lesen →

📄

soc

BLACKNET-00: The Ransomware-as-a-Service Platform That Weaponizes Mediocrity

von SOCRadar •

BLACKNET-00: The Ransomware-as-a-Service Platform That Weaponizes Mediocrity How a Custom Ransomware Builder Collapses the Technical Barrier Between Script Kiddies and Enterprise-Grade Ransomware Operations Executive Summary A threat actor named Infrastructure Destruction Squad announced BLACKNET-00 via Telegram, a fully GUI-driven ransomware builder that requires zero programming knowledge to operate. Featuring layered encryption (AES-256, RSA, ChaCha20), a […]

Mehr lesen →

📄

security

Wie funktioniert eigentlich ein Open-Source-Projekt – ein Blick in Kubernetes

von Heise Online •

Kubernetes ist eines der größten Open-Source-Projekte, unterstützt von Tausenden Contributors. Wie der Einstieg gelingen kann, beschreibt Mario Fahlandt.

Mehr lesen →

📄

security

CISA Adds One Known Exploited Vulnerability to Catalog

von CISA Current Activity •

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3502 TrueConf Client Download of Code Without Integrity Check Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited […]

Mehr lesen →