Tag: software
-
Lenovo Protection Driver Flaw Enables Privilege Escalation and Code Execution
A critical security vulnerability has been discovered in Lenovo’s protection driver software, affecting millions of users across desktop and laptop systems. The flaw, identified as CVE-2025-4657, allows local attackers with elevated privileges to execute arbitrary code through a buffer overflow exploit, posing significant security risks to enterprise and consumer environments. Vulnerability Details and Impact The…
-
JFrog Brings a Breath of Fresh Air to Developer Workflows with New AI Server
JFrog, known for its software supply chain platform and a leader in "Liquid Software", today introduces the new Model Context Protocol (MCP) server. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/jfrog-bringt-frischen-wind-in-entwickler-workflows-mit-neuem-ki-server/a41433/
-
Vodafone Sales Disrupted by Cyberattack on Service Provider
Vodafone is having problems in sales because certain software can no longer be used there. A cyberattack on a service provider meant that Vodafone sales no longer has access to the central sales tool Vodafone Sales World and therefore cannot … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/18/vodafone-vertrieb-durch-cyberangriff-auf-dienstleister-beeintraechtigt/
-
BIND 9 Vulnerabilities Enable Cache Poisoning and Service Disruption
The Internet Systems Consortium (ISC) has disclosed two critical security vulnerabilities in BIND 9, one of the most widely used DNS software implementations worldwide. Published on July 16, 2025, these vulnerabilities could allow attackers to poison DNS caches and disrupt DNS resolution services, potentially affecting millions of internet users and organizations globally. Critical Security Flaws…
-
Office End of Support: Preventing a Macro Disaster
The end of support for Office 2016 and 2019 is approaching. How are your macro policies holding up? The impending end of the Windows 10 lifecycle is currently keeping enterprise IT teams on their toes. However, further important end-of-life dates for Microsoft products are coming up that IT and security teams should have on their radar. In October, support ends for both Office 2016 and…
-
1Password Adds MCP Server to Trelica Governance Platform
1Password this week announced it has added a Model Context Protocol (MCP) server to the Trelica governance platform for software-as-a-service (SaaS) applications it acquired earlier this year. In addition, the MCP Server for Trelica by 1Password is also being made available on the Amazon Web Services (AWS) Marketplace for artificial intelligence (AI) agents that just…
-
Researchers warn of cyberattacks targeting key Fortinet software
Experts urged Fortinet customers to immediately apply patches or disable the affected administrative interface. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cyberattacks-fortinet-software/753334/
-
Definition of SCA: What Is Software Composition Analysis?
Tags: software
First seen on security-insider.de Jump to article: www.security-insider.de/was-ist-software-composition-analysis-softwareentwicklung-a-38131377e2012eed0abfc2bf98042acf/
-
China-linked hackers target Taiwan chip firms in a coordinated espionage campaign
Tags: access, ai, attack, china, compliance, control, credentials, cyber, cybersecurity, detection, email, espionage, exploit, finance, framework, government, group, hacker, intelligence, international, login, monitoring, network, phishing, software, supply-chain, technology, threat, warfare
Investment banks in the crosshairs: A second group, UNK_DropPitch, targeted the financial ecosystem surrounding Taiwan’s semiconductor industry. This group conducted phishing campaigns against investment banks, focusing on individuals specializing in Taiwanese semiconductor analysis. The phishing emails purported to come from fictitious financial firms seeking collaboration opportunities. The third group, UNK_SparkyCarp, focused on credential harvesting through sophisticated…
-
UK NCSC Announces Software Vulnerability Initiative
Agency to Collaborate with External Experts on Vulnerability Research. The U.K. NCSC will collaborate with industry experts for vulnerability detection and mitigation as part of its latest Vulnerability Research Initiative. The announcement comes on the heels of funding concerns for the U.S. government-based Common Vulnerabilities and Exposures program. First seen on govinfosecurity.com Jump to article:…
-
North Korea Floods npm Registry with Malware
67 Malicious Packages, XORIndex Loader Target JavaScript Code-Sharing Platform. North Korean threat actors escalated their software supply chain attacks by uploading 67 new malicious packages to the npm Registry as part of the ongoing Contagious Interview campaign. The malware targets open-source JavaScript developers with malware loaders. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/north-korea-floods-npm-registry-malware-a-28990
-
Cracked Apps Delivering Infostealers Identified as Leading Attack Vector in June 2025
The AhnLab Security Intelligence Center (ASEC) published a thorough analysis in June 2025 that identified infostealer malware masquerading as keygens and cracked software as a primary attack vector. This malware uses advanced search engine optimization (SEO) poisoning to elevate malicious distribution sites in search results. ASEC’s automated malware collection systems, including crack monitoring, email honeypots,…
-
Nvidia GPUs Vulnerable to Rowhammer Attacks
Cybercriminals could gain access to Nvidia GPUs via a Rowhammer attack. Nvidia recently issued a security advisory to application developers, computer manufacturers and IT managers warning that modern memory chips in graphics processors are potentially vulnerable to so-called Rowhammer exploits. Canadian university researchers had previously demonstrated that an Nvidia A6000 GPU can be successfully compromised with a similar attack. A Rowhammer attack is a…
-
Dark Partners Hacker Group Drains Crypto Wallets Using Fake AI Tools and VPN Services
The financially driven organization known as Dark Partners has been planning massive cryptocurrency theft since at least May 2025, using a complex network of more than 250 malicious domains that pose as AI tools, VPN services, cryptocurrency wallets, and well-known software brands. This is part of a rapidly developing cybercrime operation. These fake websites, distributed…
-
Gmail Message Exploit Triggers Code Execution in Claude, Bypassing Protections
A cybersecurity researcher has demonstrated how a carefully crafted Gmail message can trigger code execution through Claude Desktop, Anthropic’s AI assistant application, highlighting a new class of vulnerabilities in AI-powered systems that don’t require traditional software flaws. The exploit leverages the Model Context Protocol (MCP), which allows Claude to interact with various applications and services.…
-
AI Agents Act Like Employees With Root Access: Here’s How to Regain Control
The AI gold rush is on. But without identity-first security, every deployment becomes an open door. Most organizations secure native AI like a web app, but it behaves more like a junior employee with root access and no manager. From Hype to High Stakes: Generative AI has moved beyond the hype cycle. Enterprises are: Deploying LLM copilots to…
-
Oracle Issues Critical Update Fixing 309 Vulnerabilities Across Products
Oracle Corporation released its July 2025 Critical Patch Update, addressing a substantial 309 security vulnerabilities across its extensive product portfolio. This quarterly security release represents one of the most comprehensive patches in recent years, affecting dozens of Oracle’s enterprise software solutions and requiring immediate attention from organizations worldwide. The critical update spans Oracle’s entire technology…
-
Wild: Microsoft Has the US Department of Defense Cloud Maintained by Chinese Software Engineers
ProPublica has just dropped a "bombshell". Microsoft uses engineers in China to maintain the computer systems of the US Department of Defense cloud. There is only minimal oversight by poorly qualified American personnel. So far, Microsoft has … all … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/16/krass-microsoft-laesst-die-cloud-des-us-verteidigungsministeriums-durch-chinesische-software-ingenieure-warten/
-
Local Administrator Accounts Are Often-Overlooked Weak Points
Specops Software, an Outpost24 company and one of the leading providers of password management and user authentication, has examined the password security of local administrator accounts in corporate networks in a recent analysis. The evaluation shows that over 21% of the accounts examined use passwords that have already been compromised. Especially critical are local administrator logins, for which identical or outdated passwords for multiple logins are often…
-
North Korean Hackers Exploit 67 Malicious npm Packages to Spread XORIndex Malware
Tags: attack, cyber, exploit, hacker, malicious, malware, north-korea, software, supply-chain, threat
The Socket Threat Research Team has discovered a new software supply chain attack that uses a malware loader called XORIndex that had not been previously reported, marking a major uptick in North Korean cyber operations. This activity builds on the Contagious Interview campaign previously detailed in June 2025, which involved the HexEval Loader. The adversaries,…
-
The SaaS Security Disconnect: Why Most Organizations Are Still Vulnerable
A new report from AppOmni captures a significant misplaced confidence in the security of software-as-a-service applications and escalating risks associated with these cloud services. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/the-saas-security-disconnect-why-most-organizations-are-still-vulnerable/
-
A $140 Million Bank Heist from Home: Why We Are Talking About the Wrong Entry Points
"They don't hack anymore, they log in" is an oft-quoted line about hackers' contemporary infiltration methods, and rightly so: in June, an employee of a software service provider for banks sold his login credentials to cybercriminals for $920. The hackers knew exactly whom they had to bribe, because with his credentials and the connections of the […]…
-
Apache Tomcat Coyote Flaw Allows Attackers to Launch DoS Attacks
The Apache Software Foundation has revealed a vulnerability in the Tomcat Coyote module, specifically within the Maven artifact org.apache.tomcat:tomcat-coyote, that could enable malicious actors to orchestrate denial-of-service (DoS) attacks. This flaw stems from an uncontrolled resource consumption issue tied to HTTP/2 protocol handling, potentially allowing attackers to overwhelm server resources by manipulating stream concurrency limits.…
-
How defenders use the dark web
Tags: access, antivirus, attack, breach, corporate, credit-card, crypto, cyber, cybercrime, dark-web, data, data-breach, email, extortion, finance, fraud, government, group, hacker, healthcare, identity, incident, insurance, intelligence, Internet, interpol, law, leak, lockbit, mail, malware, monitoring, network, phishing, ransom, ransomware, service, software, theft, threat, tool, usa, vpn
Attributing attacks to threat actors: When organizations suffer from data breaches and cyber incidents, the dark web becomes a crucial tool for defenders, including the impacted businesses, their legal teams, and negotiators. Threat actors such as ransomware groups often attack organizations to encrypt and steal their data so they can extort them for money, in exchange…
-
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks. The packages, per Socket, have attracted more than 17,000 downloads, and incorporate a previously undocumented version of a…
-
Attackers Now ‘Scanning Extensively’ for Citrix Bleed 2
Ransomware Group Among Attackers Focused on Exploiting Citrix Netscaler Flaw. Security experts warn that attackers have ramped up their collective attempts to find and exploit Citrix NetScaler devices that remain unpatched. Cloud Security Group patched CVE-2025-5777, a flaw also known as Citrix Bleed 2, nearly four weeks ago with a software update. First seen on…
-
The Unusual Suspect: Git Repos
While phishing and ransomware dominate headlines, another critical risk quietly persists across most enterprises: exposed Git repositories leaking sensitive data. A risk that silently creates shadow access into core systems. Git is the backbone of modern software development, hosting millions of repositories and serving thousands of organizations worldwide. Yet, amid the daily hustle of shipping First…
-
A software-defined radio can derail a US train by slamming the brakes on remotely
Neil Smith has been trying to get the railroad industry to listen since 2012, but it took a CISA warning to get there. First seen on theregister.com Jump to article: www.theregister.com/2025/07/14/train_brakes_flaw/
-
PerfektBlue Bug Chain Exposes Cars to Bluetooth Hacking
Bluetooth Flaws in Car Software Could Enable Hijacking of Infotainment Systems. A set of critical Bluetooth flaws in software that helps cars connect to phones and other devices could enable attackers to remotely take control of car infotainment systems used by major automakers including Mercedes-Benz, Skoda and Volkswagen, new research shows. First seen on govinfosecurity.com…

