soc

📅 Kalender

< July 2026 >
Mo
Di
Mi
Do
Fr
Sa
So
12
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
security

TeamPCP’s Checkmarx GitHub Actions Attack: What You Need to Know

TeamPCP’s Checkmarx GitHub Actions Attack: What You Need to Know A supply chain incident becomes far more dangerous when it stops looking like a single breach and starts behaving like a multiplier. That is what made the TeamPCP campaign stand out in March 2026. The compromise of Checkmarx GitHub Actions and developer tooling became one […]

Mehr lesen →
security

CVE-2026-3055: NetScaler Memory Disclosure Puts SAML-Enabled Edge Devices at Risk

CVE-2026-3055: NetScaler Memory Disclosure Puts SAML-Enabled Edge Devices at Risk Citrix has released fixes for two NetScaler vulnerabilities that security teams should review right away: CVE-2026-3055 and CVE-2026-4368. The first is a critical memory overread issue while the second is a race condition that can cause user session mix-ups. Both matter because NetScaler ADC and […]

Mehr lesen →
security

U.S. State and Local Government Under Ransomware: 2025–2026 Trend Analysis

U.S. State and Local Government Under Ransomware: 2025–2026 Trend Analysis U.S. state and local government organizations remain under growing pressure from ransomware, making the issue a major cybersecurity and public service concern in 2025 and 2026. From city administrations and county offices to school districts, courts, and public safety agencies, these institutions rely on connected […]

Mehr lesen →
security

U.S. Institutions and the Dark Web: What’s Being Sold and Who’s Buying?

U.S. Institutions and the Dark Web: What’s Being Sold and Who’s Buying? The modern Dark Web has evolved from a fragmented collection of independent hackers into a highly sophisticated, industrialized economy. The Dark Web market features established business practices, including specialized labor (such as Initial Access Brokers or malware developers), escrow systems, vendor reputation scores, […]

Mehr lesen →
security

AstraZeneca Data Breach: What You Need to Know

AstraZeneca Data Breach: What You Need to Know A newly surfaced Dark Web post is drawing attention to an alleged AstraZeneca data breach linked to the LAPSUS$ threat group. Based on the materials reviewed, the claim goes beyond a routine leak post and suggests possible exposure of internal code repositories, access-related data, cloud and infrastructure […]

Mehr lesen →
security

CVE-2025-32975: Quest KACE SMA SSO Authentication Bypass Enables Admin Takeover

CVE-2025-32975: Quest KACE SMA SSO Authentication Bypass Enables Admin Takeover Quest KACE Systems Management Appliance (SMA) has a maximum-severity vulnerability, CVE-2025-32975, that allows an attacker to bypass authentication in the product’s SSO authentication handling. An unauthenticated attacker can potentially impersonate legitimate users and work toward full administrative takeover. Reporting in March 2026 tied suspicious, real-world […]

Mehr lesen →