IT Security Digest (2026-03-04)

Current security news

heise security

“Star Citizen”: Attackers had access to Cloud Imperium Games data (2026-03-03 13:03 UTC)
Summary: At the game studio Cloud Imperium Games (CIG), criminals were able to break into the IT infrastructure and access customer data.
Source: Link

HCL BigFix: Attackers can access data in the file system (2026-03-03 13:00 UTC)
Summary: The endpoint management platform HCL BigFix is vulnerable. Security updates are available.
Source: Link

HPE AutoPass License Server allows authentication bypass (2026-03-03 09:32 UTC)
Summary: HPE warns of a serious vulnerability in the HPE AutoPass License Server (APLS). Authentication can be bypassed.
Source: Link

BleepingComputer

CISA flags VMware Aria Operations RCE flaw as exploited in attacks (2026-03-03 23:40 UTC)
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks. […]
Source: Link

Paint maker giant AkzoNobel confirms cyberattack on U.S. site (2026-03-03 23:00 UTC)
Summary: The multinational Dutch paint company AkzoNobel has confirmed to BleepingComputer that hackers breached the network of one of its U.S. sites. […]
Source: Link

Facebook accounts unavailable in worldwide outage (2026-03-03 22:38 UTC)
Summary: Social media giant Facebook is currently experiencing a massive worldwide outage, preventing users from accessing their accounts. […]
Source: Link

The Hacker News

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog (2026-03-04 04:35 UTC)
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities (KEV) catalog, citing active exploitation …
Source: Link

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations (2026-03-03 17:15 UTC)
Summary: Threat hunters have called attention to a new campaign as part of which bad actors masqueraded as fake IT support to deliver the Havoc command-and-control (C2) framework as a precursor to data exfiltration or ransomware attack. The intrusio…
Source: Link

Building a High-Impact Tier 1: The 3 Steps CISOs Must Follow (2026-03-03 14:30 UTC)
Summary: Every CISO knows the uncomfortable truth about their Security Operations Center: the people most responsible for catching threats in real time are the people with the least experience. Tier 1 analysts sit at the front line of detection, and…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
No new hits in the last 24 hours.

VMware ESXi/vCenter (7.x)
No new hits in the last 24 hours.

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

March 4, 2026 · 3 min · Betty

IT Security Digest (2026-03-03)

Current security news

heise security

6G as a giant radar system: ETSI sees risks to privacy and security (2026-03-02 14:28 UTC)
Summary: 6G radio is meant not only to transmit data but also to actively illuminate the surroundings. ETSI warns of risks to security and privacy from this “sensing”.
Source: Link

IPFire 2.29 Core Update 200: Linux 6.18 LTS and DBL preview (2026-03-02 14:16 UTC)
Summary: IPFire 2.29 Core Update 200 brings Linux 6.18 LTS, the new domain blocklist system, numerous package updates and important performance improvements.
Source: Link

Hundreds of infected FreePBX instances online (2026-03-02 09:35 UTC)
Summary: In early February, CISA warned of attacks on FreePBX instances. Hundreds of compromised installations are currently online.
Source: Link

BleepingComputer

CyberStrikeAI tool adopted by hackers for AI-powered attacks (2026-03-03 00:06 UTC)
Summary: Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet FortiGate firewalls. […]
Source: Link

Fake Google Security site uses PWA app to steal credentials, MFA codes (2026-03-02 20:23 UTC)
Summary: A phishing campaign is using a fake Google Account security page to deliver a web-based app capable of stealing one-time passcodes, harvesting cryptocurrency wallet addresses, and proxying attacker traffic through victims’ browsers. […]
Source: Link

Alabama man pleads guilty to hacking, extorting hundreds of women (2026-03-02 18:54 UTC)
Summary: A 22-year-old Alabama man pleaded guilty to extortion, cyberstalking, and computer fraud charges after hijacking the social media accounts of hundreds of young women (including minors). […]
Source: Link

The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel (2026-03-02 17:08 UTC)
Summary: Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers to escalate privileges and gain access to local files on the system. The vulnerability, tracked as CVE-2026…
Source: Link

Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome (2026-03-02 16:52 UTC)
Summary: Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against the future risk posed by quantum computers. “To ensure the scalability and efficiency of the ecosystem, Chrome has no immediate pl…
Source: Link

⚡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More (2026-03-02 13:26 UTC)
Summary: This week is not about one big event. It shows where things are moving. Network systems, cloud setups, AI tools, and common apps are all being pushed in different ways. Small gaps in access control, exposed keys, and normal features are bei…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
CVE-2026-23600 — CVSS n/a
Summary: A remote authentication bypass vulnerability exists in HPE AutoPass License Server (APLS).
Source: Link

VMware ESXi/vCenter (7.x)
No new hits in the last 24 hours.

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

March 3, 2026 · 3 min · Betty

IT Security Digest (2026-03-02)

Current security news

heise security

Anthropic CEO calls the Pentagon’s actions “retaliatory and punitive” (2026-02-28 11:55 UTC)
Summary: In an interview, Anthropic CEO Amodei pushes back against the classification as a security risk and invokes American core values.
Source: Link

After break with Anthropic: Pentagon apparently strikes AI deal with OpenAI (2026-02-28 10:30 UTC)
Summary: After the escalated dispute with Anthropic, the Pentagon is now apparently turning to OpenAI. Details of the deal remain open; security questions are in focus.
Source: Link

Switzerland: The e-ID is coming later (2026-02-28 07:29 UTC)
Summary: The introduction of the electronic identity card in Switzerland is being postponed from summer to probably the end of 2026. Security is to take priority.
Source: Link

BleepingComputer

ClawJacked attack let malicious websites hijack OpenClaw to steal data (2026-03-01 21:44 UTC)
Summary: Security researchers have disclosed a high-severity vulnerability dubbed “ClawJacked” in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally running instance and take control over it. [.…
Source: Link

Samsung TVs to stop collecting Texans’ data without express consent (2026-03-01 15:23 UTC)
Summary: Samsung and the State of Texas have reached a settlement agreement over the alleged unlawful collection of content-viewing information through its smart TVs […]
Source: Link

QuickLens Chrome extension steals crypto, shows ClickFix attack (2026-02-28 19:18 UTC)
Summary: A Chrome extension named “QuickLens - Search Screen with Google Lens” has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of users. […]
Source: Link

The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket (2026-02-28 17:21 UTC)
Summary: OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control. “Our vulnerability lives in …
Source: Link

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement (2026-02-28 09:56 UTC)
Summary: New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Secur…
Source: Link

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute (2026-02-28 04:57 UTC)
Summary: Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a “supply chain risk.” “This action follows months of negotiations that reached an impa…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
No new hits in the last 24 hours.

VMware ESXi/vCenter (7.x)
No new hits in the last 24 hours.

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

March 2, 2026 · 3 min · Betty

IT Security Digest (2026-03-01)

Current security news

heise security

Anthropic CEO calls the Pentagon’s actions “retaliatory and punitive” (2026-02-28 11:55 UTC)
Summary: In an interview, Anthropic CEO Amodei pushes back against the classification as a security risk and invokes American core values.
Source: Link

After break with Anthropic: Pentagon apparently strikes AI deal with OpenAI (2026-02-28 10:30 UTC)
Summary: After the escalated dispute with Anthropic, the Pentagon is now apparently turning to OpenAI. Details of the deal remain open; security questions are in focus.
Source: Link

Switzerland: The e-ID is coming later (2026-02-28 07:29 UTC)
Summary: The introduction of the electronic identity card in Switzerland is being postponed from summer to probably the end of 2026. Security is to take priority.
Source: Link

BleepingComputer

QuickLens Chrome extension steals crypto, shows ClickFix attack (2026-02-28 19:18 UTC)
Summary: A Chrome extension named “QuickLens - Search Screen with Google Lens” has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of users. […]
Source: Link

$4.8M in crypto stolen after Korean tax agency exposes wallet seed (2026-02-28 15:17 UTC)
Summary: South Korea’s National Tax Service accidentally exposed the mnemonic recovery phrase of a seized cryptocurrency wallet in an official press release, allowing hackers to steal 6.4 billion won ($4.8M) worth in cryptocurrency. […]
Source: Link

Microsoft testing Windows 11 batch file security improvements (2026-02-27 20:00 UTC)
Summary: Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD script execution. […]
Source: Link

The Hacker News

ClawJacked Flaw Lets Malicious Sites Hijack Local OpenClaw AI Agents via WebSocket (2026-02-28 17:21 UTC)
Summary: OpenClaw has fixed a high-severity security issue that, if successfully exploited, could have allowed a malicious website to connect to a locally running artificial intelligence (AI) agent and take over control. “Our vulnerability lives in …
Source: Link

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement (2026-02-28 09:56 UTC)
Summary: New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data. The findings come from Truffle Secur…
Source: Link

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute (2026-02-28 04:57 UTC)
Summary: Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a “supply chain risk.” “This action follows months of negotiations that reached an impa…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
No new hits in the last 24 hours.

VMware ESXi/vCenter (7.x)
No new hits in the last 24 hours.

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

March 1, 2026 · 3 min · Betty

IT Security Digest (2026-02-28)

Current security news

heise security

Report: US Department of Defense wants to probe China’s infrastructure with AI (2026-02-27 14:23 UTC)
Summary: According to a report, the US Department of Defense wants to use AI to find vulnerabilities in China’s infrastructure and use them for attacks.
Source: Link

Virus hunting: Using VirusTotal more flexibly from the command line (2026-02-27 12:47 UTC)
Summary: Batch scans of multiple suspicious files and tailored malware research for incident response: with the free tool vt-cli, VirusTotal follows your command.
Source: Link

sudo-rs changes 46-year-old convention for password entry (2026-02-27 11:38 UTC)
Summary: The Rust implementation sudo-rs now shows asterisks by default when passwords are typed. A break with long-standing Unix tradition.
Source: Link

BleepingComputer

Microsoft testing Windows 11 batch file security improvements (2026-02-27 20:00 UTC)
Summary: Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD script execution. […]
Source: Link

APT37 hackers use new malware to breach air-gapped networks (2026-02-27 19:21 UTC)
Summary: North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance. […]
Source: Link

Europol-led crackdown on The Com hackers leads to 30 arrests (2026-02-27 18:20 UTC)
Summary: A yearlong Europol-coordinated operation dubbed “Project Compass” has led to 30 arrests and 179 suspects being tied to “The Com,” an online cybercrime collective that targets children and teenagers. […]
Source: Link

The Hacker News

Pentagon Designates Anthropic Supply Chain Risk Over AI Military Dispute (2026-02-28 04:57 UTC)
Summary: Anthropic on Friday hit back after U.S. Secretary of Defense Pete Hegseth directed the Pentagon to designate the artificial intelligence (AI) upstart as a “supply chain risk.” “This action follows months of negotiations that reached an impa…
Source: Link

DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams (2026-02-27 18:11 UTC)
Summary: The U.S. Department of Justice (DoJ) this week announced the seizure of $61 million worth of Tether that were allegedly associated with bogus cryptocurrency schemes known as pig butchering. The confiscated funds were traced to cryptocurrenc…
Source: Link

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks (2026-02-27 17:59 UTC)
Summary: The Shadowserver Foundation has revealed that over 900 Sangoma FreePBX instances still remain infected with web shells as part of attacks that exploited a command injection vulnerability starting in December 2025. Of these, 401 instances ar…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
No new hits in the last 24 hours.

VMware ESXi/vCenter (7.x)
CVE-2026-22716 — CVSS 5.0 (MEDIUM)
Summary: Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.
Source: Link

CVE-2026-22717 — CVSS 2.7 (LOW)
Summary: Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the machine where VMware…
Source: Link

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

February 28, 2026 · 3 min · Betty

IT Security Digest (2026-02-27)

Current security news

heise security

Junos OS Evolved: Out-of-band update plugs code-injection flaw (2026-02-27 06:49 UTC)
Summary: A critical vulnerability exists in Junos OS Evolved on Juniper Networks’ PTX series. An unscheduled update closes it.
Source: Link

Commentary: AI slop is pushing curl’s bug bounty program around (2026-02-26 14:34 UTC)
Summary: First away from HackerOne, back four weeks later: curl is reacting erratically to the flood of worthless and burdensome AI submissions.
Source: Link

Fraud via Telegram rises by 233 percent: fake jobs are the biggest problem (2026-02-26 12:46 UTC)
Summary: Despite many fraud attempts on Meta platforms, the fastest-growing source of scams is Telegram. Fake-job fraud in particular is booming.
Source: Link

BleepingComputer

Previously harmless Google API keys now expose Gemini AI data (2026-02-26 20:55 UTC)
Summary: Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. […]
Source: Link

Trend Micro warns of critical Apex One code execution flaws (2026-02-26 17:58 UTC)
Summary: Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. […]
Source: Link

European DIY chain ManoMano data breach impacts 38 million customers (2026-02-26 17:35 UTC)
Summary: DIY store chain ManoMano is notifying customers of a data breach personal data, which was caused by hackers compromising a third-party service provider. […]
Source: Link

The Hacker News

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown (2026-02-26 18:00 UTC)
Summary: Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure to make it resilient to takedown efforts. “Instead of relying on traditional ser…
Source: Link

UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor (2026-02-26 15:17 UTC)
Summary: A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025. The campaign is being tracked by Cisco Talos under t…
Source: Link

ThreatsDay Bulletin: Kali Linux + Claude, Chrome Crash Traps, WinRAR Flaws, LockBit & 15+ Stories (2026-02-26 14:28 UTC)
Summary: Nothing here looks dramatic at first glance. That’s the point. Many of this week’s threats begin with something ordinary, like an ad, a meeting invite, or a software update. Behind the scenes, the tactics are sharper. Access happens faster.…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
No new hits in the last 24 hours.

VMware ESXi/vCenter (7.x)
CVE-2026-22715 — CVSS 5.9 (MEDIUM)
Summary: VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network …
Source: Link

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

February 27, 2026 · 3 min · Betty

IT Security Digest (2026-02-26)

Current security news

heise security

Claude: AI chatbot used for cyberattack on Mexican government (2026-02-25 22:06 UTC)
Summary: An unknown cybercriminal breaks into Mexican government agency networks using Anthropic’s AI chatbot. This follows a worrying trend.
Source: Link

Various VMware products vulnerable through multiple security flaws (2026-02-25 13:50 UTC)
Summary: Among others, VMware Cloud Foundation is vulnerable. Admins should install the available security updates.
Source: Link

Defense contractor manager: 87 months in prison for selling zero-days (2026-02-25 13:33 UTC)
Summary: The defense contractor L3Harris also collects zero-day exploits for selected governments. A manager sold such exploits to a Russian and must now go to prison.
Source: Link

BleepingComputer

Medical device maker UFP Technologies warns of data stolen in cyberattack (2026-02-25 23:02 UTC)
Summary: American manufacturer of medical devices, UFP Technologies, has disclosed that a cybersecurity incident has compromised its IT systems and data. […]
Source: Link

Fake Next.js job interview tests backdoor developer’s devices (2026-02-25 21:47 UTC)
Summary: The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests. [……
Source: Link

Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023 (2026-02-25 18:01 UTC)
Summary: Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious r…
Source: Link

The Hacker News

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access (2026-02-26 06:13 UTC)
Summary: A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates ba…
Source: Link

Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries (2026-02-25 17:46 UTC)
Summary: Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries. “This prolifi…
Source: Link

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration (2026-02-25 17:00 UTC)
Summary: Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials. “The v…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
CVE-2026-1662 — CVSS 7.5 (HIGH)
Summary: GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause Denial of Service by send…
Source: Link

HPE/Aruba Switches
No new hits in the last 24 hours.

VMware ESXi/vCenter (7.x)
CVE-2026-22719 — CVSS 8.1 (HIGH)
Summary: VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations …
Source: Link

CVE-2026-22720 — CVSS 8.0 (HIGH)
Summary: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Ope…
Source: Link

CVE-2026-22721 — CVSS 6.2 (MEDIUM)
Summary: VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria …
Source: Link

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

February 26, 2026 · 3 min · Betty

IT Security Digest (2026-02-25)

Current security news

heise security

Time savings through AI, but many fear data leaks (2026-02-25 05:55 UTC)
Summary: Smart savings tips, fraud protection, lightning-fast mortgage financing: AI is supposed to make banking easier. How secure is the data really? Skepticism is high.
Source: Link

Microsoft guidance for Secure Boot certificates on Windows servers (2026-02-24 13:25 UTC)
Summary: Microsoft’s Secure Boot certificates expire in June and must be replaced. Microsoft is giving server admins a guide.
Source: Link

iOS 26.4 Beta 2: Apple tests RCS encryption with Android (2026-02-24 10:28 UTC)
Summary: Apple has released a new developer beta for the iPhone. For the first time, it allows testing encrypted RCS conversations toward Android, and more.
Source: Link

BleepingComputer

Phishing campaign targets freight and logistics orgs in the US, Europe (2026-02-24 23:57 UTC)
Summary: A financially motivated threat group dubbed “Diesel Vortex” is stealing credentials from freight and logistics operators in the U.S. and Europe in phishing attacks using 52 domains. […]
Source: Link

Wynn Resorts confirms employee data breach after extortion threat (2026-02-24 21:51 UTC)
Summary: Wynn Resorts has confirmed that a hacker stole employee data from its systems after the company was listed on the ShinyHunters extortion gang’s data leak site. […]
Source: Link

1Campaign platform helps malicious Google ads evade detection (2026-02-24 21:45 UTC)
Summary: A newly identified cybercrime service known as 1Campaign is enabling threat actors to run malicious Google Ads that remain online for extended periods while evading scrutiny from security researchers. […]
Source: Link

The Hacker News

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability (2026-02-25 05:23 UTC)
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed vulnerability in FileZen to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability,…
Source: Link

RoguePilot Flaw in GitHub Codespaces Enabled Copilot to Leak GITHUB_TOKEN (2026-02-24 18:52 UTC)
Summary: A vulnerability in GitHub Codespaces could have been exploited by bad actors to seize control of repositories by injecting malicious Copilot instructions in a GitHub issue. The artificial intelligence (AI)-driven vulnerability has been code…
Source: Link

UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware (2026-02-24 14:21 UTC)
Summary: A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat a…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
No new hits in the last 24 hours.

VMware ESXi/vCenter (7.x)
No new hits in the last 24 hours.

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

February 25, 2026 · 3 min · Betty

IT Security Digest (2026-02-24)

Current security news

heise security

Passwords generated with ChatGPT are not secure (2026-02-23 13:45 UTC)
Summary: Anyone who asks AI chatbots to create strong passwords gets results that appear secure, but the passwords are easy to crack.
Source: Link

Security update: Malicious-code attacks on GIMP possible (2026-02-23 10:36 UTC)
Summary: Attackers can attack PCs on which the graphics program GIMP is installed. However, victims have to play along.
Source: Link

CarGurus: Have I Been Pwned adds data of 12.5 million customers (2026-02-23 09:53 UTC)
Summary: Have I Been Pwned has gained 12.5 million entries of CarGurus users. ShinyHunters stole them.
Source: Link

BleepingComputer

Android mental health apps with 14.7M installs filled with security flaws (2026-02-23 22:59 UTC)
Summary: Several mental health mobile apps with millions of downloads on Google Play contain security vulnerabilities that could expose users’ sensitive medical information. […]
Source: Link

Spain arrests suspected hacktivists for DDoSing govt sites (2026-02-23 21:59 UTC)
Summary: Spanish authorities have arrested four alleged members of a hacktivist group believed to have carried out cyberattacks targeting government ministries, political parties, and various public institutions. […]
Source: Link

Microsoft says bug in classic Outlook hides the mouse pointer (2026-02-23 19:40 UTC)
Summary: Microsoft is investigating a known issue that causes the mouse pointer to disappear in the classic Outlook desktop email client for some users. […]
Source: Link

The Hacker News

APT28 Targeted European Entities Using Webhook-Based Macro Malware (2026-02-23 19:41 UTC)
Summary: The Russia-linked state-sponsored threat actor tracked as APT28 has been attributed to a new campaign targeting specific entities in Western and Central Europe. The activity, per S2 Grupo’s LAB52 threat intelligence team, was active between…
Source: Link

Wormable XMRig Campaign Uses BYOVD Exploit and Time-Based Logic Bomb (2026-02-23 17:59 UTC)
Summary: Cybersecurity researchers have disclosed details of a new cryptojacking campaign that uses pirated software bundles as lures to deploy a bespoke XMRig miner program on compromised hosts. “Analysis of the recovered dropper, persistence trigg…
Source: Link

⚡ Weekly Recap: Double-Tap Skimmers, PromptSpy AI, 30Tbps DDoS, Docker Malware & More (2026-02-23 13:00 UTC)
Summary: Security news rarely moves in a straight line. This week, it feels more like a series of sharp turns, some happening quietly in the background, others playing out in public view. The details are different, but the pressure points are famili…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
CVE-2026-23694 — CVSS n/a
Summary: Aruba HiSpeed Cache (aruba-hispeed-cache) WordPress plugin versions prior to 3.0.5 contain a cross-site request forgery (CSRF) vulnerability affecting multiple administrative AJAX actions. The handlers for ahsc_reset_opt…
Source: Link

VMware ESXi/vCenter (7.x)
No new hits in the last 24 hours.

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

February 24, 2026 · 3 min · Betty

IT Security Digest (2026-02-23)

Current security news

heise security

Anthropic launches Claude Code Security; cybersecurity stocks fall (2026-02-21 15:53 UTC)
Summary: Anthropic’s AI tool Claude Code Security analyzes code based on context rather than rules. The stock market reacts nervously, share prices decline.
Source: Link

Numerous kernel vulnerabilities closed in Dell PowerProtect Data Manager (2026-02-20 12:16 UTC)
Summary: Dell’s backup solution PowerProtect Data Manager is vulnerable to malicious-code attacks, among other things. Security patches are available for download.
Source: Link

Commentary: Russia’s cyberattacks require a response (2026-02-20 12:07 UTC)
Summary: Jürgen Schmidt long argued against offensive cyber actions. Russia’s sabotage attack on Poland’s energy supply has changed his mind.
Source: Link

BleepingComputer

Arkanix Stealer pops up as short-lived AI info-stealer experiment (2026-02-22 15:33 UTC)
Summary: An information-stealing malware operation named Arkanix Stealer, promoted on multiple dark web forums towards the end of 2025, was likely developed as an AI-assisted experiment. […]
Source: Link

Predator spyware hooks iOS SpringBoard to hide mic, camera activity (2026-02-21 16:13 UTC)
Summary: Intellexa’s Predator spyware can hide iOS recording indicators while secretly streaming camera and microphone feeds to its operators. […]
Source: Link

Amazon: AI-assisted hacker breached 600 Fortinet firewalls in 5 weeks (2026-02-21 13:50 UTC)
Summary: Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks. […]
Source: Link

The Hacker News

AI-Assisted Threat Actor Compromises 600+ FortiGate Devices in 55 Countries (2026-02-21 14:49 UTC)
Summary: A Russian-speaking, financially motivated threat actor has been observed taking advantage of commercial generative artificial intelligence (AI) services to compromise over 600 FortiGate devices located in 55 countries. That’s according to n…
Source: Link

Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning (2026-02-21 07:58 UTC)
Summary: Artificial intelligence (AI) company Anthropic has begun to roll out a new security feature for Claude Code that can scan a user’s software codebase for vulnerabilities and suggest patches. The capability, called Claude Code Security, is cu…
Source: Link

CISA Adds Two Actively Exploited Roundcube Flaws to KEV Catalog (2026-02-21 07:21 UTC)
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added two security flaws impacting Roundcube webmail software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulne…
Source: Link

New CVEs (last 24 hours, NVD check)

Fortinet FortiGate (7.4.x)
No new hits in the last 24 hours.

Atlassian (Jira/Confluence)
No new hits in the last 24 hours.

HPE/Aruba Switches
No new hits in the last 24 hours.

VMware ESXi/vCenter (7.x)
No new hits in the last 24 hours.

Note
CVE hits are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).

February 23, 2026 · 3 min · Betty