2026 – Seite 447 – Wolfinisoftware.de

📄

security

DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike

18. März 2026

A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.

Mehr lesen →

📄

security

‚Claudy Day’ Trio of Flaws Exposes Claude Users to Data Theft

A prompt injection vulnerability paired with other flaws can turn a Google search into a full attack chain that could threaten enterprise networks.

Mehr lesen →

📄

soc

CVE-2026-20643: Vulnerability in WebKit Navigation API May Bypass Same Origin Policy

Just a little over a month after fixing the actively exploited CVE-2026-Adresse geschuetzt, Apple has now issued its first Background Security Improvements release to address CVE-2026-20643, a WebKit vulnerability that could allow maliciously crafted web content to bypass the Same Origin Policy, one of the browser’s core security boundaries. The issue in the limelight adds […]

Mehr lesen →

📄

security

SideWinder Espionage Campaign Expands Across Southeast Asia

The suspected India-linked threat group targets governments, telecom, and critical infrastructure using spear-phishing, old vulnerabilities, and rapidly rotating infrastructure to maintain persistent access.

Mehr lesen →

📄

security

Researchers: Meta, TikTok Steal Personal & Financial Info When Users Click Ads

Tracking pixels let social media companies spy on their users even after they click over to advertiser sites, gleaning credit card info, geolocations, and more, according to an analysis.

Mehr lesen →

📄

security

CISA Urges Endpoint Management System Hardening After Cyberattack Against US Organization

CISA is aware of malicious cyber activity targeting endpoint management systems of U.S. organizations based on the March 11, 2026 cyberattack against U.S.-based medical technology firm Stryker Corporation, which affected their Microsoft environment.1 To defend against similar malicious cyber activity, CISA urges organizations to harden endpoint management system configurations using the recommendations and resources provided […]

Mehr lesen →

📄

soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2025-Adresse geschuetzt(ZCS) Cross-Site Scripting Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of […]

Mehr lesen →

📄

soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-Adresse geschuetzt This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities […]

Mehr lesen →

📄

soc

Observability Pipeline: Managing Telemetry at Scale

Observability began as a visibility problem. Yet, today it is framed just as much as a control challenge because teams have to manage the floods of telemetry moving daily through the business environment. Most organizations already collect large volumes of logs, metrics, events, and traces. The issue now lies in managing tons of that data […]

Mehr lesen →

📄

security

Kooperation mit Ländern und Kommunen: BSI weitet Sensorik in der Cybersicherheit aus

von BSI Presse-Meldungen •

Angesichts der angespannten Cybersicherheitslage baut das BSI die Reaktionsfähigkeit und damit auch die Resilienz Deutschlands gegen IT-Sicherheitsvorfälle weiter aus. Mit öffentlichen IT-Dienstleistern von Ländern und Kommunen wird der Einsatz der Daten-Sensorik erweitert und Echtzeitanalysen ausgebaut.

Mehr lesen →

Archiv für März 2026