Überwachung in Berlin: Wenn die KI das „Umhergehen ohne Anlass“ meldet (2026-03-10 19:45 UTC)
Kurz: Der Berliner Senat weitet die Videoüberwachung aus und setzt auf automatisierte Verhaltensanalyse vor dem Abgeordnetenhaus und an Kriminalitätsschwerpunkten.
Kurz: Mit Ubuntu 26.04 LTS wird Authd erstmals offiziell über die Paketquellen verfügbar. Der Daemon erlaubt die Authentifizierung mit Cloud-Providern wie Microsoft.
Kurz: For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta. […]
New BeatBanker Android malware poses as Starlink app to hijack devices (2026-03-10 21:27 UTC)
Kurz: A new Android malware named BeatBanker can hijack devices and tricks users into installing it by posing as a Starlink app on websites masquerading as the official Google Play Store. […]
New ‘Zombie ZIP’ technique lets malware slip past security tools (2026-03-10 20:05 UTC)
Kurz: A new technique dubbed “Zombie ZIP” helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) products. […]
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets (2026-03-11 05:12 UTC)
Kurz: Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the threat actors. The Rust packages, published to crates.io, are listed below - chrono_anchor dnp3…
FortiGate Devices Exploited to Breach Networks and Steal Service Account Credentials (2026-03-10 16:21 UTC)
Kurz: Cybersecurity researchers are calling attention to a new campaign where threat actors are abusing FortiGate Next-Generation Firewall (NGFW) appliances as entry points to breach victim networks. The activity involves the exploitation of rece…
How to Stop AI Data Leaks: A Webinar Guide to Auditing Modern Agentic Workflows (2026-03-10 16:21 UTC)
Kurz: Artificial Intelligence (AI) is no longer just a tool we talk to; it is a tool that does things for us. These are called AI Agents. They can send emails, move data, and even manage software on their own. But there is a problem. While these …
Kurz: A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attack…
Kurz: A hidden functionality vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.3, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2.0 through 7.2.10, FortiAnalyzer 7.0.0 through 7.0.14, FortiAnalyzer 6.4 all version…
Kurz: An improper neutralization of special elements used in an sql command (‘sql injection’) vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.7, FortiAnalyzer 7.2 all versions, Fort…
Kurz: An Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability [CWE-22] vulnerability in Fortinet FortiSOAR Agent Communication Bridge 1.1.0, FortiSOAR Agent Communication Bridge 1.0 all …
Kurz: An authentication bypass by spoofing vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.8, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote unauthenticated attacker …
Kurz: An Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability [CWE-79] vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.…
Kurz: MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0, the confluence_download_attachment MCP tool accepts a download_path parameter that is writ…
Kurz: MCP Atlassian is a Model Context Protocol (MCP) server for Atlassian products (Confluence and Jira). Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint can force the server…