Claude: KI-Chatbot für Cyberangriff auf mexikanische Regierung genutzt (2026-02-25 22:06 UTC)
Kurz: Ein unbekannter Cyberkrimineller dringt mittels des KI-Chatbots von Anthropic in mexikanische Behördennetzwerke ein. Das folgt einem besorgniserregenden Trend.
Manager bei Rüstungskonzern: 87 Monate Gefängnis für den Verkauf von Zero-Days (2026-02-25 13:33 UTC)
Kurz: Der Rüstungskonzern L3Harris sammelt auch Zero-Day-Exploits für ausgewählte Regierungen. Ein Manager hat solche an einen Russen verkauft und muss nun in Haft.
Medical device maker UFP Technologies warns of data stolen in cyberattack (2026-02-25 23:02 UTC)
Kurz: American manufacturer of medical devices, UFP Technologies, has disclosed that a cybersecurity incident has compromised its IT systems and data. […]
Kurz: The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, including recruiting coding tests. [……
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023 (2026-02-25 18:01 UTC)
Kurz: Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious r…
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access (2026-02-26 06:13 UTC)
Kurz: A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates ba…
Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches Across 42 Countries (2026-02-25 17:46 UTC)
Kurz: Google on Wednesday disclosed that it worked with industry partners to disrupt the infrastructure of a suspected China-nexus cyber espionage group tracked as UNC2814 that breached at least 53 organizations across 42 countries. “This prolifi…
Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration (2026-02-25 17:00 UTC)
Kurz: Cybersecurity researchers have disclosed multiple security vulnerabilities in Anthropic’s Claude Code, an artificial intelligence (AI)-powered coding assistant, that could result in remote code execution and theft of API credentials. “The v…
Kurz: GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.4 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that could have allowed an unauthenticated user to cause Denial of Service by send…
Kurz: VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations …
Kurz: VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Ope…
Kurz: VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria …