security

Die Hackergruppe „CyberAv3ngers“ bedroht kritische Infrastrukturen. Seit 2020 führt sie gezielte Cyberangriffe durch, vor allem gegen industrielle Steu­erungssysteme der USA und Israel. Das US-Außenministerium bietet bis zu zehn Millionen Dollar für Hinweise auf ihre Mitglieder.

Phishing remains one of the most effective tools in the cybercriminal arsenal, especially when threat actors abuse the credibility of trusted institutions and familiar digital services to increase victim interaction. In late March 2026, CERT-UA revealed a phishing campaign tracked as UAC-0255 in which attackers impersonated the agency and attempted to infect organizations across Ukraine’s […]

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-5281 Google Dawn Use-After-Free Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of […]

Ein mutmaßlicher Cyberangriff setzt den milliardenschweren Pharma­kon­zern AstraZeneca unter Druck. Hacker der Gruppe Lapsus$ bieten Daten zum Verkauf an. Diese stammen wohl zwar aus dem Jahr 2024, scheinen jedoch echt zu sein.

The U.S. Federal Bureau of Investigation (FBI) warned Americans against using foreign-developed mobile applications, particularly those created by Chinese developers. […]

Ein KI-Pentesting-Tool hat in Standardkonfigurationen von ImageMagick kritische Sicherheitslücken aufgespürt. Workarounds schützen.

Today, most malware are called “fileless” because they try to reduce their footprint on the infected computer filesystem to the bare minimum. But they need to write s

Ask the Expert: Cybersecurity teams need to expand their field of view to include new, unique threat sources, rather than relying on past, proven threat actors.