Hackers exploiting Acrobat Reader zero-day flaw since December
Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. […]
Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at least December. […]
Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors.
External Attack Surface Management ist ein Cybersicherheitsansatz, der die von außen zugänglichen digitalen Assets identifiziert, verwaltet, überwacht und absichert. Die lückenlose Transparenz der externen Angriffsfläche und deren kontinuierliche Überwachung auf Schwachstellen, Fehlkonfigurationen oder Schatten-IT tragen zur Reduzierung der Cyberrisiken eines Unternehmens bei.
Mehr gestapelte DRAM-Dies, höhere Bandbreite: CXMT will bei HBM schnell zur Konkurrenz aufholen. Ein großer Teil der Produktion soll zu HBM werden. (3D-Speicher, Halbleiterfertigung)
A new attack, dubbed GPUBreach, can induce Rowhammer bit-flips on GPU GDDR6 memories to escalate privileges and lead to a full system compromise. […]
The attack on the popular NPM package Axios is just one of many targeting maintainers and has shone a light on how threat actors can scale sophisticated social engineering campaigns.
Pro-Iran Cyberattacks on Financial Services: 144 Incidents Financial services is the #2 most targeted sector in the entire campaign, and for reasons that are deliberate, documented, and rooted in more than a decade of Iranian cyber doctrine. Between February 28 and April 6, 2026, SOCRadar tracked 1,583 verified incidents across Operation Epic Fury. Of those, […]
Attackers can exploit the bugs through prompt injection, chaining them together to escape the sandbox and execute arbitrary code. The post CrewAI Vulnerabilities Expose Devices to Hacking appeared first on SecurityWeek.
Since January 2026, CERT-UA has been tracking a series of intrusions attributed to UAC-0252 and built around SHADOWSNIFF and SALATSTEALER infostealers. The campaigns rely on well-crafted phishing lures, payload staging on legitimate infrastructure, and user-driven execution of disguised EXE files. Detect UAC-0252 Attacks Covered in CERT-UA#Adresse geschuetztPhishing Trends Q2 2025 research by […] The post […]
Device code phishing attacks that abuse the OAuth 2.0 Device Authorization Grant flow to hijack accounts have surged more than 37 times this year. […]