abyss – Seite 2 – Wolfinisoftware.de

soc

CVE-2026-4670 & CVE-2026-5174: MOVEit Automation Flaws Enable Auth Bypass and Privilege Escalation

05.05.2026

CVE-2026-4670 & CVE-2026-5174: MOVEit Automation Flaws Enable Auth Bypass and Privilege Escalation Progress Software has disclosed and patched two vulnerabilities in MOVEit Automation, its managed file transfer automation and workflow engine. CVE-2026-4670 is an authentication bypass, and CVE-2026-5174 is a privilege escalation issue tied to improper input validation. The issues relate to MOVEit Automation’s service […]

Mehr lesen →

soc

CVE-2026-41940: Critical cPanel & WHM Authentication Bypass Exposes Hosting Servers to Admin Takeover

30.04.2026

A newly disclosed CVE-2026-Adresse geschuetzt& WHM has put internet-facing hosting infrastructure under urgent scrutiny. The flaw carries a CVSS score of 9.8 and can let an unauthenticated remote attacker bypass authentication and gain administrative access, while cPanel’s advisory says the issue affects cPanel software, including DNSOnly, across all versions after 11.40. For […] The post […]

Mehr lesen →

security

Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months

30.04.2026

The authentication bypass flaw allows attackers to gain administrative access to vulnerable servers. The post Critical cPanel & WHM Vulnerability Exploited as Zero-Day for Months appeared first on SecurityWeek.

Mehr lesen →

security

China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks

25.04.2026

Dubbed GopherWhisper, the group relies on multiple Go-based backdoors alongside custom loaders and injectors. The post China-Linked APT GopherWhisper Abuses Legitimate Services in Government Attacks appeared first on SecurityWeek.

Mehr lesen →

security

Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia

24.04.2026

The threat actor gave itself plenty of options to support command and control, tapping Microsoft Outlook, Slack, Discord, and file.io for online espionage.

Mehr lesen →

security

New GopherWhisper APT group abuses Outlook, Slack, Discord for comms

23.04.2026

A previously undocumented state-backed threat actor named GopherWhisper is using a Go-based custom toolkit and legitimate services like Microsoft 365 Outlook, Slack, and Discord in attacks against government entities. […]

Mehr lesen →

gaming

News: James Cameron – Nach 34 Jahren kehrte ein fast vergessener Sci-Fi-Klassiker in 4K zurück, doch warum hat das so lange gedauert?

12.04.2026

An The Abyss von James Cameron heranzukommen, ist kein leichtes Unterfangen. Jetzt steht aber endlich ein Re-Release auf Blu-ray in 4K an!

Mehr lesen →

gaming

News: Crimson Desert – Was die Entwickler noch an Updates in Reserve haben, dürfte selbst bei den größten Fans für Staunen sorgen

10.04.2026

Pearl Abyss hat die Roadmap bis Juni 2026 für Crimson Desert veröffentlicht und die sind ziemlich ambitioniert.

Mehr lesen →

security

Fortinet Issues Emergency Patch for FortiClient Zero-Day

06.04.2026

The authentication bypass flaw, tracked as CVE-2026-35616, is the latest in a series of Fortinet vulnerabilities that have been exploited in the wild.

Mehr lesen →

security

Application Control Bypass for Data Exfiltration, (Tue, Mar 31st)

31.03.2026

In case of a cyber incident, most organizations fear more of data loss (via exfiltration) than regular data encryption because they have a good backup policy in place. If exfiltration happened, it means a total loss of control of the stolen data with all the consequences (PII, CC numbers, â€¦).

Mehr lesen →

Tag: abyss