Signal reagiert auf deutsche Probleme (2026-04-28 03:05 UTC)
Kurz: Die Signal-Stiftung reagiert auf verwirrende Berichte über Phishing in Deutschland und den Niederlanden. Sie erklärt, wie die Angreifer vorgehen.
Kurz: Online trading platform Robinhood’s account creation process was exploited by threat actors to inject phishing messages into legitimate emails, tricking users into believing their accounts had suspicious activity. […]
Canada arrests three for operating “SMS blaster” device in Toronto (2026-04-27 20:00 UTC)
Kurz: Canadian authorities have arrested three men for operating an “SMS blaster” device that pretends to be a cellular tower to send phishing texts to nearby phones. […]
Microsoft Patches Entra ID Role Flaw That Enabled Service Principal Takeover (2026-04-28 06:37 UTC)
Kurz: An administrative role meant for artificial intelligence (AI) agents within Microsoft Entra ID could enable privilege escalation and identity takeover attacks, according to new findings from Silverfort. Agent ID Administrator is a privilege…
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 (2026-04-28 05:50 UTC)
Kurz: Microsoft on Monday revised its advisory for a now-patched, high-severity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE-2026-32202 (CVSS score: 4.3…
Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack (2026-04-27 14:19 UTC)
Kurz: Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web. “Based on current evidence, we believe this dat…
Kurz: The camel-infinispan component’s ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker w…