IT Security Digest (2026-03-22)

Current Security News

heise security

  • Study: Majority of DACH companies consider a cloud shutdown realistic (2026-03-20 15:30 UTC)
    • Summary: 83 percent of companies consider a unilateral shutdown by cloud providers realistic. Almost half have no exit strategy.
    • Source: Link
  • Various attacks possible on Dell Secure Connect Gateway Policy Manager (2026-03-20 12:13 UTC)
    • Summary: Several vulnerabilities put systems running Dell Secure Connect Gateway Policy Manager at risk. A fixed version is available for download.
    • Source: Link
  • OpenWrt: Service releases close critical vulnerabilities (2026-03-20 11:00 UTC)
    • Summary: Service releases 25.12.1 and 24.10.6 of the router operating system OpenWrt fix vulnerabilities rated as critical.
    • Source: Link

BleepingComputer

  • Trivy vulnerability scanner breach pushed infostealer via GitHub Actions (2026-03-21 17:30 UTC)
    • Summary: The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing malware through official releases and GitHub Actions. […]
    • Source: Link
  • Google adds ‘Advanced Flow’ for safe APK sideloading on Android (2026-03-21 14:18 UTC)
    • Summary: Google has announced a new mechanism in Android called Advanced Flow that will allow sideloading APKs from unverified developers for power users in a more secure way. […]
    • Source: Link
  • Microsoft Azure Monitor alerts abused for callback phishing attacks (2026-03-21 14:09 UTC)
    • Summary: Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account. […]
    • Source: Link

The Hacker News

  • FBI Warns Russian Hackers Target Signal, WhatsApp in Mass Phishing Attacks (2026-03-21 13:17 UTC)
    • Summary: Threat actors affiliated with Russian Intelligence Services are conducting phishing campaigns to compromise commercial messaging applications (CMAs) like WhatsApp and Signal to seize control of accounts belonging to individuals with high in…
    • Source: Link
  • Oracle Patches Critical CVE-2026-21992 Enabling Unauthenticated RCE in Identity Manager (2026-03-21 10:24 UTC)
    • Summary: Oracle has released security updates to address a critical security flaw impacting Identity Manager and Web Services Manager that could be exploited to achieve remote code execution. The vulnerability, tracked as CVE-2026-21992, carries a C…
    • Source: Link
  • Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages (2026-03-21 08:25 UTC)
    • Summary: The threat actors behind the supply chain attack targeting the popular Trivy scanner are suspected to be conducting follow-on attacks that have led to the compromise of a large number of npm packages with a previously undocumented self-prop…
    • Source: Link

New CVEs (last 24h, NVD cross-check)

Fortinet FortiGate (7.4.x)

  • No new matches in the last 24h.

Atlassian (Jira/Confluence)

  • No new matches in the last 24h.

HPE/Aruba Switches

  • No new matches in the last 24h.

VMware ESXi/vCenter (7.x)

  • No new matches in the last 24h.

Note

  • CVE matches are an early-warning check (NVD) and must be cross-checked against your exact versions/deployments (vendor advisory/patches).