security

security

Google now offers up to $1.5 million for some Android exploits

von BleepingComputer • 05.05.2026

Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial intelligence (AI) has made easier to find. […]

Mehr lesen →

soc

Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server

von SecurityWeek • 05.05.2026

The most severe of these security defects could allow remote attackers to execute arbitrary code. The post Critical, High-Severity Vulnerabilities Patched in Apache MINA, HTTP Server appeared first on SecurityWeek.

Mehr lesen →

soc

Karakurt Ransomware Negotiator Sentenced to Prison

von SecurityWeek • 05.05.2026

Deniss Zolotarjovs was directly involved in extortion strategies and in negotiations with victim companies. The post Karakurt Ransomware Negotiator Sentenced to Prison appeared first on SecurityWeek.

Mehr lesen →

security

Karakurt extortion gang ‘cold case’ negotiator gets 8.5 years in prison

von BleepingComputer • 05.05.2026

A Latvian national extradited to the United States was sentenced to 8.5 years in prison for his „cold case“ negotiator role in the Russian Karakurt ransomware group. […]

Mehr lesen →

security

CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs

von BleepingComputer • 05.05.2026

A new version of the CloudZ remote access tool (RAT) is deploying a previously unseen malicious plugin called Pheno that hijacks the Microsoft Phone Link connection to steal sensitive codes from mobile devices. […]

Mehr lesen →

security

Ab Juni laufen Secure-Boot-Zertifikate im ab – was Sie jetzt wissen müssen!

von Security Insider • 05.05.2026

Ab Juni 2026 laufen zentrale Secure-Boot-Zertifikate aus. Unternehmen müssen deshalb jetzt prüfen, ob neue Zertifikate nicht nur importiert, sondern auf Clients und Servern auch wirklich vollständig aktiviert wurden.

Mehr lesen →

soc

CVE-2026-4670 & CVE-2026-5174: MOVEit Automation Flaws Enable Auth Bypass and Privilege Escalation

von SOCRadar • 05.05.2026

CVE-2026-4670 & CVE-2026-5174: MOVEit Automation Flaws Enable Auth Bypass and Privilege Escalation Progress Software has disclosed and patched two vulnerabilities in MOVEit Automation, its managed file transfer automation and workflow engine. CVE-2026-4670 is an authentication bypass, and CVE-2026-5174 is a privilege escalation issue tied to improper input validation. The issues relate to MOVEit Automation’s service […]

Mehr lesen →

security

When everyone has AI and the company still learns nothing

von Hackernews • 05.05.2026

Comments

Mehr lesen →

security

Microsoft Edge: Passwörter landen als Klartext im SpeicherAlert3heise Security

von Heise Security Ticker • 05.05.2026

Microsoft Edge: Passwörter landen als Klartext im SpeicherAlert3heise Security Quelle: Heise Security Ticker

Mehr lesen →

security

Vimeo-Datenleck: 119.000 E-Mail-Adressen betroffenheise Security

von Heise Security Ticker • 05.05.2026

Vimeo-Datenleck: 119.000 E-Mail-Adressen betroffenheise Security Quelle: Heise Security Ticker

Mehr lesen →

📅 Kalender