Privilegienausweitung in Linux: Lokale Nutzer können fremde Dateien lesen (2026-05-15 17:31 UTC)
Kurz: Die Sicherheitslücke ist seit Jahren bekannt, behoben wurde sie erst am Donnerstag. Nur Stunden später gibt es einen Exploit, derweil rüstet das Kernelteam auf.
Haftbefehl abgelehnt: KI-Treffer ist für Richter nur ein vager Hinweis (2026-05-15 14:50 UTC)
Kurz: Ein Amtsgericht bremst den Einsatz von Gesichtserkennung und stärkt die Rechte von Beschuldigten gegenüber undurchsichtigen IT-Ermittlungswerkzeugen.
Microsoft rejects critical Azure vulnerability report, no CVE issued (2026-05-16 20:55 UTC)
Kurz: A security researcher claims Microsoft quietly fixed an Azure Backup for AKS vulnerability after rejecting his report, and without issuing a CVE. Microsoft disputes the claim, telling BleepingComputer the behavior was expected and that “no …
Kurz: The Russian hacker group Secret Blizzard has developed its long-running Kazuar backdoor into a modular peer-to-peer (P2P) botnet designed for long-term persistence, stealth, and data collection. […]
Kurz: A critical vulnerability in the Funnel Builder plugin for WordPress is being actively exploited to inject malicious JavaScript snippets into WooCommerce checkout pages. […]
Funnel Builder Flaw Under Active Exploitation Enables WooCommerce Checkout Skimming (2026-05-16 15:20 UTC)
Kurz: A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages with the goal of stealing payment data. D…
Turla Turns Kazuar Backdoor Into Modular P2P Botnet for Persistent Access (2026-05-15 17:10 UTC)
Kurz: The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that’s engineered for stealth and persistent access to compromised hosts. Turla, per the U.S. Cyber…
Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence (2026-05-15 13:35 UTC)
Kurz: Cybersecurity researchers have disclosed a set of four security flaws in OpenClaw that could be chained to achieve data theft, privilege escalation, and persistence. The vulnerabilities, collectively dubbed Claw Chain by Cyera, can permit a…