security

📅 Kalender

< February 2026 >
Mo
Di
Mi
Do
Fr
Sa
So
1
2345
6
7
8
9
10111213
14
15
16
1718
19
20
21
22
23
2425
26
27
28
security

MAR-10478915-1.v1 Citrix Bleed

06.04.2026

   Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this […]

Mehr lesen →
soc

CVE-2026-3910: Chrome V8 Zero-Day Used for In-the-Wild Attacks

06.04.2026

Chrome zero-days continue to pose a major risk for cyber defenders. Earlier this year, Google patched CVE-2026-2441, the first actively exploited Chrome zero-day of 2026. Now, another emergency update has been released, fixing two more flaws already exploited in the wild, CVE-2026-3910 in Chrome’s V8 JavaScript and WebAssembly engine and CVE-2026-3909, an out-of-bounds write bug […]

Mehr lesen →
security

MAR-10454006.r5.v1 SUBMARINE, SKIPJACK, SEASPRAY, WHIRLPOOL, and SALTWATER Backdoors

06.04.2026

   Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this […]

Mehr lesen →
soc

CVE-2026-21262: SQL Server Zero-Day Fixed in Microsoft’s March Patch Tuesday Release

06.04.2026

The beginning of 2026 has brought a wave of zero-day vulnerabilities affecting Microsoft products, including the actively exploited Windows Desktop Window Manager flaw (CVE-2026-20805), the Microsoft Office zero-day (CVE-2026-21509) that prompted an out-of-band fix, and the Windows Notepad RCE bug (CVE-2026-20841). Microsoft’s March Patch Tuesday release keeps defenders busy again, this time shifting attention to […]

Mehr lesen →
security

MAR-10430311-1.v1 Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

06.04.2026

   Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this […]

Mehr lesen →
soc

SOC Prime Launches DetectFlow Enterprise To Enhance Security Data Pipelines with Agentic AI

06.04.2026

BOSTON, MA — March 12, 2026 — SOC Prime today announced the release of DetectFlow Enterprise, a solution that brings real-time threat detection to the ingestion layer, turning data pipelines into detection pipelines. Running tens of thousands of Sigma detections on live Kafka streams with millisecond MTTD using Apache Flink, DetectFlow Enterprise enables security teams […]

Mehr lesen →
security

Infamous Chisel Malware Analysis Report

06.04.2026

Infamous Chisel–A collection of components associated with Sandworm designed to enable remote access and exfiltrate information from Android phones. Executive Summary Infamous Chisel is a collection of components targeting Android devices. This malware is associated with Sandworm activity. It performs periodic scanning of files and network information for exfiltration. System and application configuration files are […]

Mehr lesen →
soc

SIEM vs Log Management: Observability, Telemetry, and Detection

06.04.2026

Security teams are no longer short on data. They are drowning in it. Cloud control plane logs, endpoint telemetry, identity events, SaaS audit trails, application logs, and network signals keep expanding, while the SOC is still expected to deliver faster detection and cleaner investigations. That is why SIEM vs log management is not just a […]

Mehr lesen →
security

MAR-10459736.r1.v1 WHIRLPOOL Backdoor

06.04.2026

   Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this […]

Mehr lesen →
soc

CVE-2026-21385: Google Patches Qualcomm Zero-Day Exploited in Targeted Android Attacks

06.04.2026

Steady cadence of Android zero-days marked as exploited in the wild makes its path to 2026. Following CVE-2025-Adresse geschuetzt-2025-48572, two Android Framework bugs Google flagged for active exploitation, defenders keep seeing the same familiar pattern. Mobile-chain vulnerabilities can move fast from limited attacks to real enterprise risk when patching lags.  In March 2026, that […] […]

Mehr lesen →