Tag: software
-
Check Point expands global presence with new German point of presence for <>
Check Point Software Technologies is accelerating the expansion of its Web Application and API Protection (WAAP) offering with the introduction of new in key strategic markets. The company has announced the activation of a new PoP in Germany, which further extends WAAP coverage and enables faster, region-specific protection for cloud applications and APIs. This latest […] First seen on netzpalaver.de Jump…
-
Supply Chain Attacks Spotted in GitHub Actions, Gravity Forms, npm
Researchers discovered backdoors, poisoned code, and malicious commits in some of the more popular tool developers, jeopardizing software supply chains. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/supply-chain-attacks-github-actions-gravity-forms-npm
-
Cybersecurity spending is growing more slowly
Spending is rising worldwide, but with a slight dip in Germany. Many companies have already realized how important investments in cybersecurity are and are increasing their spending accordingly, as far as the budget allows. This development is also reflected in Gartner's new forecast. As the analyst firm in its current report ‘Forecast: Information Security, Worldwide, 2023-2029,…
-
Investigators stop Blacksuit/Royal ransomware
The attackers not only encrypt data, they also steal it beforehand. Nearly 200 victims and damage in the millions: international investigators have struck a blow against cybercriminal extortionists operating worldwide. The technical infrastructure of the Blacksuit/Royal group has been identified and seized, the Lower Saxony State Criminal Police Office (LKA) announced. According to the LKA, shutting down the servers meant that the communication, the distribution of the…
-
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperCut NG/MF print management software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-2533 (CVSS score: 8.4), is a cross-site request forgery (CSRF) bug that could First seen on thehackernews.com…
-
Checking Windows for outdated libcurl libraries in programs
I have covered this on the blog before: Microsoft frequently ships the cURL library in outdated versions that contain security vulnerabilities. Software packages also come with ancient libcurl files. How can I check whether any legacy leftovers are lurking on my systems? What are … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/29/software-und-die-veralteten-libcurl-bibliotheken/
-
Researchers flag flaw in Google’s AI coding assistant that allowed for ‘silent’ code exfiltration
The findings are part of a growing list of instances where “agentic” AI software has taken actions that are more akin to a malicious hacker than a helpful AI assistant. First seen on cyberscoop.com Jump to article: cyberscoop.com/google-gemini-cli-prompt-injection-arbitrary-code-execution/
-
ArmouryLoader Bypasses Security Protections to Inject Malicious Code
ArmouryLoader and other malicious code loaders have become essential tools for introducing Trojan-type payloads into hacked systems in the ever-changing world of cyberattacks. First identified in 2024, ArmouryLoader exploits the ASUS Armoury Crate software by hijacking its export functions, such as freeBuffer in ArmouryA.dll, to initiate multi-stage execution chains. This loader facilitates privilege escalation, persistence,…
-
Chinese Hackers Exploit Software Vulnerabilities to Breach Targeted Systems
Tags: breach, china, cyber, exploit, flaw, hacker, network, regulation, software, technology, vulnerability
China’s Cyberspace Administration, Ministry of Public Security, and Ministry of Industry and Information Technology introduced the Regulations on the Management of Network Product Security Vulnerabilities (RMSV) in July 2021, mandating that software vulnerabilities, exploitable flaws in code, be reported to the MIIT within 48 hours of discovery. This policy prohibits researchers from publishing vulnerability details,…
-
Hackers Breach Toptal GitHub, Publish 10 Malicious npm Packages With 5,000 Downloads
Tags: access, attack, authentication, breach, github, hacker, malicious, software, supply-chain, threat
In what’s the latest instance of a software supply chain attack, unknown threat actors managed to compromise Toptal’s GitHub organization account and leveraged that access to publish 10 malicious packages to the npm registry. The packages contained code to exfiltrate GitHub authentication tokens and destroy victim systems, Socket said in a report published last week. In…
-
CISA flags PaperCut RCE bug as exploited in attacks, patch now
CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery (CSRF) attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-papercut-rce-bug-as-exploited-in-attacks-patch-now/
-
Sophisticated Shuyal Stealer Targets 19 Browsers, Demonstrates Advanced Evasion
A new infostealing malware making the rounds can exfiltrate credentials and other system data even from browsing software considered more privacy-focused than mainstream options. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/shuyal-stealer-targets-19-browsers-advanced-evasion
-
⚡ Weekly Recap, SharePoint Breach, Spyware, IoT Hijacks, DPRK Fraud, Crypto Drains and More
Some risks don’t breach the perimeter, they arrive through signed software, clean resumes, or sanctioned vendors still hiding in plain sight. This week, the clearest threats weren’t the loudest, they were the most legitimate-looking. In an environment where identity, trust, and tooling are all interlinked, the strongest attack path is often the one that looks like…
-
Chinese ‘Fire Ant’ spies start to bite unpatched VMware instances
Tunnelling allowed lateral movement: Once inside, Fire Ant bypassed network segmentation by exploiting CVE-2022-1388 in F5 BIG-IP devices. This allowed them to deploy encrypted tunnels such as Neo-reGeorg web shells to reach isolated environments, even leveraging IPv6 to evade IPv4 filters. “The threat actor demonstrated a deep understanding of the target environment’s network architecture and policies,…
-
1286 cyberattacks per week on German companies in Q2 2025
In the from Check Point Software Technologies, Germany records the strongest increase in the DACH region, with 22 percent more attacks. That puts the Federal Republic one percent above the global average. Europe, meanwhile, is the region with the largest increase in attacks, likewise at 22 percent. The key findings from Q2 2025: Germany records […] First seen on…
-
Microsoft’s software licensing playbook is a national security risk
The tech giant’s model is built around anticompetitive practices, the head of the Coalition for Fair Software Licensing argues. First seen on cyberscoop.com Jump to article: cyberscoop.com/microsoft-software-licensing-national-security/
-
Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
Tags: attack, cybercrime, google, group, infrastructure, mandiant, phone, ransomware, software, tactics, vmware
The notorious cybercrime group known as Scattered Spider is targeting VMware ESXi hypervisors in attacks targeting retail, airline, and transportation sectors in North America. “The group’s core tactics have remained consistent and do not rely on software exploits. Instead, they use a proven playbook centered on phone calls to an IT help desk,” Google’s Mandiant team…
-
How to fight document fraud with the latest tech tools
In this Help Net Security video, Thomas Berndorfer, CEO of Connecting Software, explores cutting-edge technologies designed to detect and prevent document forgery and digital … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/28/detect-prevent-document-forgery-video/
-
Hackers Exploit Official Gaming Mouse Software to Spread Windows-based Xred Malware
Gaming peripheral manufacturer Endgame Gear has disclosed a security incident involving malware-infected software distributed through their official website, affecting users who downloaded the OP1w 4k v2 mouse configuration tool between June 26 and July 9, 2025. The company has issued an urgent security advisory and implemented immediate remediation measures while the investigation into the breach…
-
Microsoft Investigates Leak in Early Warning System Used by Chinese Hackers to Exploit SharePoint Vulnerabilities
Tags: breach, china, cyber, cybersecurity, exploit, flaw, government, hacker, international, law, leak, microsoft, software, vulnerability
Chinese laws requiring vulnerability disclosure to the government create transparency issues and potential conflicts for international cybersecurity efforts. Microsoft is probing whether a leak from its confidential early warning system enabled Chinese state-sponsored hackers to exploit significant flaws in its SharePoint software, leading to breaches at over 400 organizations, including the U.S. agency responsible for…
-
Supply-chain attacks on open source software are getting out of hand
Attacks affected packages, including one with ~2.8 million weekly downloads. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/open-source-repositories-are-seeing-a-rash-of-supply-chain-attacks/
-
Commentary by Shachar Menashe, JFrog – How shadow ML endangers software security
First seen on security-insider.de Jump to article: www.security-insider.de/globaler-wettlauf-ki-sicherheitsbedenken-herausforderungen-a-48d92a7346e8ff306ca882a1ee4357a9/
-
New CastleLoader Attack Uses Cloudflare-Themed Clickfix Method to Compromise Windows Systems
A newly identified loader malware dubbed CastleLoader has emerged as a significant threat since early 2025, rapidly evolving into a distribution platform for various information stealers and remote access trojans (RATs). Leveraging sophisticated phishing tactics under T1566 and drive-by compromise methods classified as T1189, attackers masquerade as legitimate software libraries, online meeting platforms like Google…
-
Supply chain attack compromises npm packages to spread backdoor malware
Tags: attack, authentication, backdoor, control, cybercrime, cybersecurity, data, defense, email, linux, macOS, malicious, malware, mfa, phishing, software, supply-chain, threat, tool, update, vulnerability, windows
is npm JavaScript type testing utility with malware that went unnoticed for six hours. The bad news was delivered by maintainer Jordan Harband in a post on Bluesky: “Heads up that v3.3.1 of npmjs.com/is has malware in it, due to another maintainer’s account being hijacked,” he wrote. The infected version was removed by npm admins and v3.3.0…
-
AWS Client VPN for Windows Vulnerability Could Allow Privilege Escalation
Amazon Web Services has disclosed a critical security vulnerability in its Client VPN software for Windows that could allow non-administrative users to escalate their privileges to root-level access during the installation process. The vulnerability, tracked as CVE-2025-8069, affects multiple versions of the AWS Client VPN client and has been addressed in the latest software update.…

