Consulting News

News und Newsarchiv für unsere NC Consultants
Firefox Add-on

Grafikkartentreiber von Nvidia unter Linux und Windows angreifbar

Erfasst 21.05.2026 10:20 | Heise Security
Nvidia hat 13 Sicherheitslücken in seinem GPU-Treiber für Linux und Windows geschlossen. Weitere Patches sichern vGPU ab.
Quelle ansehen

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

Erfasst 21.05.2026 10:20 | The Hackers News
Cybersecurity researchers have disclosed details of a vulnerability in the Linux kernel that remained undetected for nine years. The vulnerability, tracked as CVE-2026-46333 (CV...
Quelle ansehen

Sicherheitspatches Atlassian: Bamboo, Confluence & Co. sind verwundbar

Erfasst 21.05.2026 10:05 | Heise Security
Unter anderem DoS- und Schadcode-Sicherheitslücken bedrohen Anwendungen von Atlassian. Admins sollten die Patches zeitnah installieren.
Quelle ansehen

Cybergang Rhysida behauptet Datenklau bei Stadt Stuttgart

Erfasst 21.05.2026 09:50 | Heise Security
Die kriminelle Vereinigung Rhysida behauptet, bei der Stadt Stuttgart umfangreiche Dokumente aus der IT geklaut zu haben und will Lösegeld.
Quelle ansehen

Microsoft warns of new Defender zero-days exploited in attacks

Erfasst 21.05.2026 09:50 | BleepingComputer
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]
Quelle ansehen

Browser-Updates: Chrome, Firefox und Thunderbird stopfen Sicherheitslecks

Erfasst 21.05.2026 09:05 | Heise Security
Aktualisierungen für die Webbrowser Chrome und Firefox sowie das Mailprogramm Thunderbird stopfen teils kritische Sicherheitslücken.
Quelle ansehen

GitHub links repo breach to TanStack npm supply-chain attack

Erfasst 21.05.2026 09:05 | BleepingComputer
GitHub says the hackers who breached 3,800 internal repositories gained access via a malicious version of the Nx Console VS Code extension, compromised in last week's TanStack n...
Quelle ansehen

Attackierte MS-Defender-Lücken und BitLocker-Schutzmaßnahmen

Erfasst 21.05.2026 08:05 | Heise Security
Die CISA warnt vor Angriffen auf teils 18 Jahre alte Microsoft-Lücken. Patches schützen den Defender und Gegenmaßnahmen vor BitLocker-Lücke.
Quelle ansehen

Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks

Erfasst 21.05.2026 06:50 | The Hackers News
Drupal has released security updates for a "highly critical" security vulnerability in Drupal Core that could be exploited by attackers to achieve remote code execution, privile...
Quelle ansehen

GitHub Internal Repositories Breached via Malicious Nx Console VS Code Extension

Erfasst 21.05.2026 06:50 | The Hackers News
GitHub on Wednesday officially confirmed that the breach of its internal repositories was the result of a compromise of an employee device involving a poisoned version of the Nx...
Quelle ansehen

Ukraine identifies infostealer operator tied to 28,000 stolen accounts

Erfasst 20.05.2026 23:49 | BleepingComputer
The Ukrainian cyberpolice, working in conjunction with U.S. law enforcement, has identified an 18-year-old man from Odesa suspected of running an infostealer malware operation t...
Quelle ansehen

Hackers bypass SonicWall VPN MFA due to incomplete patching

Erfasst 20.05.2026 23:34 | BleepingComputer
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. [...]
Quelle ansehen

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

Erfasst 20.05.2026 19:48 | CISA all alerts
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog , based on evidence of active exploitation. CVE-2008-4250 Microsoft Windows Buffer ...
Quelle ansehen

Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development

Erfasst 20.05.2026 19:18 | The Hackers News
Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents. RAMPART, ...
Quelle ansehen

Grafana breach caused by missed token rotation after TanStack attack

Erfasst 20.05.2026 17:48 | BleepingComputer
The Grafana data breach was caused by a single GitHub workflow token that slipped through the rotation process following the TanStack npm supply-chain attack last week. [...]
Quelle ansehen

Microsoft Takes Down Malware-Signing Service Behind Ransomware Attacks

Erfasst 20.05.2026 16:48 | The Hackers News
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and condu...
Quelle ansehen

Identity Alone Isn't Enough: Why Device Security Has to Share the Load

Erfasst 20.05.2026 16:18 | BleepingComputer
Identity checks alone can't stop attackers using stolen session tokens and compromised devices. Specops Software outlines why Zero Trust strategies increasingly depend on contin...
Quelle ansehen

Agent AI is Coming. Are You Ready?

Erfasst 20.05.2026 15:33 | The Hackers News
New Industry Data Just Released Suggests Not. On May 19th, 2026, Orchid Security released the results of our Identity Gap: Snapshot 2026. Among the findings, "identity dark matt...
Quelle ansehen
Hinweis: Dies ist ein News-Aggregator. Das Copyright liegt bei den jeweiligen Webseiten. Die Links wurden zum Zeitpunkt der Abfrage als virenfrei und sicher bewertet. Bitte dennoch mit der nötigen Vorsicht prüfen.