25 years after Shaolin Soccer came out, spinoff Kung Fu Soccer is confirmed to be getting a theatrical release in North America.
CVE-2026-45659 erlaubt einem angemeldeten Nutzer mit einfachem Benutzerkonto die Remotecodeausführung auf SharePoint-Servern. Microsoft bewertet den Deserialisierungsfehler mit CVSS 8.8 und hat Updates für drei Versionen bereitgestellt. Der Eintrag fehlte zunächst im Sammelpaket des Mai-Patchday und wurde am 26.05.2026 nachgereicht.
SharePoint access often means access to the keys of the kingdom, something attackers and defenders understand all too well.
Over 1,300 Microsoft SharePoint servers exposed online remain unpatched against a spoofing vulnerability that was exploited as a zero-day and is still being abused in ongoing attacks. […]
Microsoft presst im April 2026 ganze 165 neue CVEs in seinen Patchday. Acht davon sind kritisch. Angreifer nutzen eine SharePoint-Sicherheitslücke bereits aus, ein Defender-Fehler gilt als öffentlich bekannt. Zählt man Chromium und weiteren Fremdcode hinzu, sind es 247 Einträge.
Notification This report is provided „as is“ for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. This document is marked TLP:CLEAR–Recipients may share this information […]
Parasitic SharePoint Exploits We are seeing attacks against SharePoint itself and attempts to exploit backdoors left behind by attackers. https://isc.sans.edu/diary/Parasitic%20Sharepoint%20Exploits/32148 Cisco ISE Vulnerability Exploited A recently patched vulnerability in Cisco ISE is now being exploited. The Zero Day Initiative has released a blog detailing the exploit chain to obtain code execution as an unauthenticated user. […]
SharePoint Servers Exploited via 0-day CVE-2025-53770 Late last week, CodeWhite found a new remote code execution exploit against SharePoint. This vulnerability is now actively exploited. https://isc.sans.edu/diary/Critical+Sharepoint+0Day+Vulnerablity+Exploited+CVE202553770+ToolShell/32122/ Veeam Voicemail Phishing Attackers appear to impersonate VEEAM in recent voicemail-themed phishing attempts. https://isc.sans.edu/diary/Veeam%20Phishing%20via%20Wav%20File/32120 Passkey Phishing Attack A currently active phishing attack takes advantage of the ability to use […]