Geheimdienstbericht in Kanada: Cyberoperationen im Ausland (2026-07-07 03:15 UTC)
Kurz: Nachrichtendienst führt Cyberangriffe gegen Drogenhändler, Extremisten und Cyberkriminelle durch. Ungewöhnlich ist das nicht, das öffentliche Bekenntnis schon.
Für digitale Souveränität: RISC-V-Sicherheitschip aus Deutschland (2026-07-06 15:51 UTC)
Kurz: Mehrere Fraunhofer-Institute haben gemeinsam ein Secure Element auf Basis des offengelegten OpenTitan entwickelt, das Globalfoundries in Dresden fertigt.
Node.js kämpft mit Flut an automatisierten Sicherheitsreports (2026-07-06 13:38 UTC)
Kurz: In der Node.js-Community ist eine Diskussion darüber entstanden, wie sie weiter mit der Vielzahl an LLM-generierten Sicherheitsmeldungen verfahren soll.
Microsoft testing new Cloud Rebuild Windows 11 recovery feature (2026-07-07 07:37 UTC)
Kurz: Microsoft has begun testing the Cloud Rebuild recovery feature in the latest Windows 11 Insider Preview builds released for users in the Experimental channel. […]
Phishing poses as big-brand job interview to steal Google accounts (2026-07-06 20:27 UTC)
Kurz: A phishing campaign is impersonating more than 30 well-known brands, including Adobe, Netflix, Coca-Cola, and OpenAI, in fake job interviews to steal Google account credentials from marketing professionals. […]
Fake IT support calls on Microsoft Teams push EtherRAT malware (2026-07-06 20:23 UTC)
Kurz: Threat actors are abusing Microsoft Teams voice calls by impersonating corporate IT support staff to trick employees into installing the EtherRAT malware, giving attackers initial access to corporate networks. […]
CERT/CC Warns of Hidden Admin Backdoor in Tenda Router Firmware (2026-07-07 06:40 UTC)
Kurz: Several versions of firmware released by Chinese network device manufacturer Tenda have been found to embed an undocumented authentication backdoor that enables administrative access to the devices’ web management interfaces, the CERT Coord…
BeyondTrust Patches Critical Auth Bypass Flaws in Remote Support and PRA (2026-07-07 05:16 UTC)
Kurz: BeyondTrust has released updates to address two critical security flaws affecting Remote Support (RS) and Privileged Remote Access (PRA) products that, if successfully exploited, could allow unauthenticated attackers to take control of susc…
Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations (2026-07-06 18:34 UTC)
Kurz: An Iranian hacking group affiliated with Iran’s Ministry of Intelligence and Security (MOIS) has been wielding a previously undocumented modular command-and-control (C2) framework dubbed Cavern (aka Cav3rn) targeting Israeli organizations. …