soc

📅 Kalender

< July 2026 >
Mo
Di
Mi
Do
Fr
Sa
So
12
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
soc

CVE-2026-49975: HTTP/2 Bomb Attack Can Knock Web Servers Offline in Seconds

A newly disclosed denial-of-service vulnerability, tracked as CVE-2026-49975, shows how long-known HTTP/2 weaknesses can still be chained into a highly effective modern attack. SecurityWeek reports that researchers at Calif demonstrated an HTTP/2 Bomb exploit capable of knocking major web servers offline within seconds by combining a compression bomb with a Slowloris-style hold that prevents the […]

Mehr lesen →
soc

2026 FIFA World Cup Threat Landscape: The Kickoff for Cybercriminals

2026 FIFA World Cup Threat Landscape: The Kickoff for Cybercriminals The fraud and threat ecosystem targeting the 2026 FIFA World Cup is already live, with thousands of phishing domains, active credential theft campaigns, and nation-state actors in position months before the first match. Starting June 11, the FIFA World Cup 2026 will unite fans, teams, […]

Mehr lesen →
soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-28318 SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant […]

Mehr lesen →
soc

CVE-2026-20230: Cisco Unified CM WebDialer SSRF Can Lead to Root-Level Compromise

CVE-2026-20230: Cisco Unified CM WebDialer SSRF Can Lead to Root-Level Compromise Cisco has released fixes for CVE-2026-20230, an unauthenticated remote vulnerability affecting Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME). The flaw is an SSRF issue that can be chained into an arbitrary file write on the underlying operating system, […]

Mehr lesen →
soc

Dark Web Profile: Vect Ransomware

Dark Web Profile: Vect Ransomware Most new ransomware operations spend their first months in the shadows, courting affiliates one at a time on closed forums. Vect did the opposite. Within four months of its December 31, 2025 debut on a Russian-language cybercrime forum, the group had published its first 25 victims across five continents, formalized […]

Mehr lesen →
soc

HTTP/2 Bomb: How Default Configurations Open a New DoS Vector

HTTP/2 Bomb: How Default Configurations Open a New DoS Vector A newly disclosed Denial-of-Service (DoS) technique dubbed HTTP/2 Bomb can crash or stall servers that run default HTTP/2 configurations across several widely deployed stacks. The technique chains two behaviors that are individually familiar to defenders: header-related amplification and Slowloris-style connection holding. Combined, they can exhaust […]

Mehr lesen →
soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-45247 Mirasvit Full Page Cache Warmer Deserialization of Untrusted Data Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]

Mehr lesen →
soc

CVE-2025-48595: June 2026 Android Security Update Fixes Framework Zero-Day

CVE-2025-48595: June 2026 Android Security Update Fixes Framework Zero-Day Google’s June 2026 Android Security Bulletin includes a fix for an Android Framework elevation of privilege zero-day tracked as CVE-2025-48595. Google noted the issue “may be under limited, targeted exploitation,” which raises the priority for teams managing Android fleets. The bulletin ships two patch levels, 2026-06-01 […]

Mehr lesen →
soc

Top 10 Cyber Threat Actors Targeting Brazil

Top 10 Cyber Threat Actors Targeting Brazil Brazil enters the second half of 2026 as Latin America’s undisputed top cybercrime target. With a general election approaching in October 2026 and a booming digital economy built on platforms like Pix, the country is increasingly vulnerable. Understanding who is behind these attacks is not a passive exercise. […]

Mehr lesen →
soc

Top 10 Dark Web Search Engines

Top 10 Dark Web Search Engines This guide compares the top Dark Web search engines active in 2026 for safer, privacy-focused research and secure access to hidden services. The Dark Web search engines that security researchers and threat intelligence teams rely on most include: Ahmia, Torch, Haystak, DuckDuckGo, OnionLand, Deep Search, VormWeb, Tor66, and Excavator.The […]

Mehr lesen →