soc

📅 Kalender

< July 2026 >
Mo
Di
Mi
Do
Fr
Sa
So
12
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
soc

CVE-2026-35273 in Oracle PeopleSoft PeopleTools EMHub Under Active Exploitation

CVE-2026-35273 in Oracle PeopleSoft PeopleTools EMHub Under Active Exploitation Oracle has disclosed CVE-2026-35273, a critical Remote Code Execution (RCE) zero-day vulnerability in Oracle PeopleSoft Enterprise PeopleTools, affecting the Updates Environment Management component (often referenced as Environment Management / EMHub). Multiple reports cite active exploitation in the wild, with activity attributed to ShinyHunters. This post covers […]

Mehr lesen →
soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-35273 Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) […]

Mehr lesen →
soc

Electronic Warfare, Drones, and Cyber: Inside Modern Hybrid Warfare

Electronic Warfare, Drones, and Cyber: Inside Modern Hybrid Warfare Electronic warfare, drone warfare, and cyber operations all depend on the same foundation, the electromagnetic spectrum and the digital networks built on top of it. Anyone who can contest that foundation can blind sensors, hijack platforms, and corrupt the data that physical systems rely on to […]

Mehr lesen →
soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-10520 Ivanti Sentry OS Command Injection Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: Prioritizing Security Updates […]

Mehr lesen →
soc

Dark Web Profile: Tengu Ransomware (Shisa)

Dark Web Profile: Tengu Ransomware (Shisa) Despite a measured public persona, Tengu Ransomware operates as a financially motivated, well-organized threat. First observed in late 2025, the group emerged as a Ransomware-as-a-Service (RaaS) operation combining a double-extortion model, a lean custom toolset, and disciplined affiliate management. In fewer than six months of activity, it claimed approximately […]

Mehr lesen →
soc

ServiceNow Breach: Customer Data Exposed Through Unauthenticated API Access

ServiceNow Breach: Customer Data Exposed Through Unauthenticated API Access In early June 2026, ServiceNow notified impacted customers about malicious activity involving unauthorized access to customer instance data, now documented under KB3067321. In this blog post, we will outline what is known about the ServiceNow breach, affected instances, reported API exposure, and recommended response steps. What […]

Mehr lesen →
soc

Ivanti Sentry’s CVE-2026-10520 Enables Root RCE

Ivanti Sentry’s CVE-2026-Adresse geschuetztRoot RCE CVE-2026-10520 is a critical OS command injection vulnerability in Ivanti Sentry that can allow a remote, unauthenticated attacker to execute commands as root on vulnerable appliances. The issue is reachable over the network with no credentials or user interaction, and it carries a critical severity score. Ivanti has released […]

Mehr lesen →
soc

June 2026 Patch Tuesday: 206 Vulnerabilities, Three Zero-Days Including HTTP/2 Bomb Flaw (CVE-2026-49160)

June 2026 Patch Tuesday: 206 Vulnerabilities, Three Zero-Days Including HTTP/2 Bomb Flaw (CVE-2026-49160) Microsoft released its June 2026 Patch Tuesday security updates, resolving a total of 206 vulnerabilities across Windows and a wide range of Microsoft products and components. This month’s release includes three publicly disclosed zero-day vulnerabilities, one of which is linked to the […]

Mehr lesen →
soc

SAP Security Patch Day June 2026: Critical CVE-2026-44748 SAML Flaw Could Allow Full Authentication Bypass

SAP Security Patch Day June 2026: Critical CVE-2026-44748 SAML Flaw Could Allow Full Authentication Bypass On June 9, 2026, SAP released its monthly security updates, which included 15 new Security Notes addressing vulnerabilities across several SAP products. SAP Security Patch Day June 2026 updates cover a broad range of vulnerability types that could put SAP […]

Mehr lesen →