security

security

TeamPCP Supply Chain Campaign: Update 006 – CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environments, (Fri, Apr 3rd)

von SANSISC • 03.04.2026

This is the sixth update to the TeamPCP supply chain campaign threat intelligence report,&#x26;#xc2;&#x26;#xa0;“When the Security Scanner Became the Weapon“&#x26;#xc2;&#x26;#xa0;(v3.0, March 25, 2026).&#x26;#xc2;&#x26;#xa0;Update 005&#x26;#xc2;&#x26;#xa0;covered developments through April 1, including the first confirmed victim disclosure (Mercor AI), Wiz&#x26;#39;s post-compromise cloud enumeration findings, DPRK attribution of the axios compromise, and LiteLLM&#x26;#39;s release resumption after Mandiant&#x26;#39;s forensic audit. […]

Mehr lesen →

security

Claude Source Code Leak Highlights Big Supply Chain Missteps

von Darkreading • 03.04.2026

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.

Mehr lesen →

security

Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain

von Darkreading • 03.04.2026

The rebuilt Chainguard platform adds deeper security designed to continuously reconcile open source artifacts across containers, libraries, agent skills, and GitHub Actions.

Mehr lesen →

security

CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry

von Darkreading • 03.04.2026

Once CrowdStrike’s nemesis, Microsoft is now a collaborator. A shared interest in Formula 1 helped thaw the years-long fierce rivalry.

Mehr lesen →

soc

Progress ShareFile Flaws CVE-2026-2699 & CVE-2026-2701 RCE

von SOCRadar • 03.04.2026

Progress ShareFile Flaws CVE-2026-2699 & CVE-2026-2701 RCE A newly disclosed Progress ShareFile pre-auth RCE chain is drawing attention after researchers showed how CVE-2026-2699 and CVE-2026-2701 can be combined to compromise exposed Storage Zones Controller 5.x servers. The issue affects customer-managed ShareFile deployments that rely on the older 5.x branch, not every ShareFile environment. watchTowr publicly […]

Mehr lesen →

security

Geopolitische Risiken und der Druck auf Backup-Strategien

von Security Insider • 03.04.2026

Die jüngsten Eskalationen im Nahen Osten und der anhaltende Konflikt zwischen Russland und der Ukraine haben eines deutlich gemacht: Globale digitale Infrastrukturen sind verwundbar. Rechenzentren stehen heute vor einer breiteren Risikolage als noch vor wenigen Jahren.

Mehr lesen →

security

Tree Calculus

von Hackernews • 03.04.2026

Comments

Mehr lesen →

soc

CVE-2026-20093: Critical Cisco IMC Flaw Allows Unauthenticated Admin Access to UCS Servers

von SOCRadar • 03.04.2026

CVE-2026-20093: Critical Cisco IMC Flaw Allows Unauthenticated Admin Access to UCS Servers CVE-2026-20093, is an authentication bypass flaw found in the change password functionality of Cisco Integrated Management Controller (IMC). It could allow an unauthenticated, remote attacker to bypass authentication mechanisms and gain unauthorized access to the system with Administrator privileges. What Is CVE-2026-20093? CVE-2026-20093 […]

Mehr lesen →

security

Hacker knacken Mailfach des FBI-Chefs Patel

von Security Insider • 03.04.2026

FBI Direktor Kash Patel ist laut Medienberichten Opfer eines Hackerangriffs geworden. Private E Mails und Fotos sollen auf der Webseite Handala veröffentlicht worden sein. Medien berichten dass die Seite von einem russischen Server betrieben wurde.

Mehr lesen →

security

CERT-EU: European Commission hack exposes data of 30 EU entities

von BleepingComputer • 03.04.2026

The European Union’s Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities. […]

Mehr lesen →

📅 Kalender