security

soc

CVE-2025-32975: Quest KACE SMA SSO Authentication Bypass Enables Admin Takeover

23.03.2026

CVE-2025-32975: Quest KACE SMA SSO Authentication Bypass Enables Admin Takeover Quest KACE Systems Management Appliance (SMA) has a maximum-severity vulnerability, CVE-2025-32975, that allows an attacker to bypass authentication in the product’s SSO authentication handling. An unauthenticated attacker can potentially impersonate legitimate users and work toward full administrative takeover. Reporting in March 2026 tied suspicious, real-world […]

Mehr lesen →

soc

Crunchyroll Alleged Data Breach: What Do Users Need to Know?

23.03.2026

Crunchyroll Alleged Data Breach: What Do Users Need to Know? Reports of a possible Crunchyroll (A popular anime streaming platform) data breach have drawn attention after claims surfaced that a threat actor may have accessed user-related data and internal support information. Crunchyroll has not publicly confirmed the full scope of those claims, so the story […]

Mehr lesen →

security

Box of Secrets: Discreetly modding an apartment intercom to work with Apple Home

23.03.2026

Comments

Mehr lesen →

security

Microsoft Exchange Online service change causes email access issues

23.03.2026

Microsoft is working to address an ongoing service issue that has intermittently prevented some users from accessing their cloud-based Exchange Online mailboxes via Outlook mobile and Mac desktop clients since Thursday. […]

Mehr lesen →

security

Cloud-Schutz mit statischen Rate-Limits stößt an Grenzen

23.03.2026

Der IT-Service-Provider Quipu setzte gegen DDoS-Angriffe zunächst auf Cloud-Standardmechanismen mit statischen Rate-Limits. Das Problem: Legitime Nutzer wurden ausgesperrt, während Angreifer die Services des Unternehmens mit Tausenden Bots beeinträchtigten. Die Lösung: eine integrierte WAAP-Plattform mit WAF, API-Schutz, Bot-Management und Layer-7-DDoS.

Mehr lesen →

soc

QNAP Patches Four Vulnerabilities Exploited at Pwn2Own

23.03.2026

The flaws could allow attackers to access sensitive information, execute code, or cause unexpected behavior.

The post QNAP Patches Four Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek.

Mehr lesen →

security

I built an AI receptionist for a mechanic shop

23.03.2026

Comments

Mehr lesen →

soc

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

23.03.2026

Attack volumes are back to pre-disruption levels, and the adversary tactics have remained unchanged.

The post Tycoon 2FA Fully Operational Despite Law Enforcement Takedown appeared first on SecurityWeek.

Mehr lesen →

security

Sicherheitspatches: Schadcode-Attacken auf Atlassian Bamboo möglich

23.03.2026

Angreifer können Anwendungen von Atlassian attackieren. Im schlimmsten Fall kann Schadcode Systeme kompromittieren.

Mehr lesen →

security

NIST-Standards ebnen Weg zu quantensicheren Enklaven

23.03.2026

Während Hardware-Hersteller ihre Trusted Execution Environments für Post-Quantum-Kryptografie vorbereiten, fehlt es an praxisreifen Software-Lösungen. Souveräne Schlüsselverwaltung statt Hyperscaler-Lock-in und die Integration der NIST-Standards FIPS 206 und FIPS 207 sind der Schlüssel zu produktiven, quantensicheren Confidential-Computing-Umgebungen.

Mehr lesen →

📅 Kalender