MastodonTech.de

Daniel Kuhl 📯From Check Point Research:Following Microsoft disclosure of a critical SharePoint 0-day vulnerability dubbed “ToolShell” (CVE-2025-53770, a variant of the authentication-bypass bug CVE-2025-49706), Check Point Research released an advisory with key findings on the vulnerability.<a href="https://blog.checkpoint.com/research/sharepoint-zero-day-cve-2025-53770-actively-exploited-what-security-teams-need-to-know/" rel="nofollow noopener" translate="no" target="_blank">https://blog.checkpoint.com/research/sharepoint-zero-day-cve-2025-53770-actively-exploited-what-security-teams-need-to-know/</a><a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#zeroday</a> <a href="https://infosec.exchange/tags/toolshell" class="mention hashtag" rel="nofollow noopener" target="_blank">#toolshell</a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerability</a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#cve</a>

ManiabelChrisNur einige Stichworte zum Thema: Was kann da schon passieren...<ul><li><a href="https://mastodon.de/tags/Atomwaffen" class="mention hashtag" rel="nofollow noopener" target="_blank">#Atomwaffen</a></li><li><a href="https://mastodon.de/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft</a> <a href="https://mastodon.de/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#SharePoint</a></li><li><a href="https://mastodon.de/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> </li><li><a href="https://mastodon.de/tags/Breach" class="mention hashtag" rel="nofollow noopener" target="_blank">#Breach</a></li></ul>Interessant, was Bloomberg berichtet: <a href="https://www.bloomberg.com/news/articles/2025-07-23/us-nuclear-weapons-agency-breached-in-microsoft-sharepoint-hack" rel="nofollow noopener" translate="no" target="_blank">https://www.bloomberg.com/news/articles/2025-07-23/us-nuclear-weapons-agency-breached-in-microsoft-sharepoint-hack</a><a href="https://mastodon.de/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a>

Daniel Kuhl 📯ToolShell is actively being exploited and if you're running SharePoint on-prem, this is a real threat!Join our <a href="https://infosec.exchange/tags/CheckMates" class="mention hashtag" rel="nofollow noopener" target="_blank">#CheckMates</a> session tomorrow, Thursday, July 24 at 4 PM CET | 10 AM EST to learn how the exploit works, who's being targeted, and what you can do right now to protect your environment.We'll hear the latest insights from Check Point Research along with actionable steps.<a href="https://checkpoint.zoom.us/webinar/register/6317532570861/WN_7suWr4NBRFazMtp72zCd3A" rel="nofollow noopener" translate="no" target="_blank">https://checkpoint.zoom.us/webinar/register/6317532570861/WN_7suWr4NBRFazMtp72zCd3A</a><a href="https://infosec.exchange/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://infosec.exchange/tags/ToolShell" class="mention hashtag" rel="nofollow noopener" target="_blank">#ToolShell</a> <a href="https://infosec.exchange/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#SharePoint</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/CheckPoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#CheckPoint</a> <a href="https://infosec.exchange/tags/CVE202553770" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE202553770</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntel</a>

Opalsec :verified:Hey everyone! It's been a pretty packed 24 hours in the cyber world, with critical zero-day exploits, major breaches, new malware tactics, and some significant policy shifts from the UK government. Let's dive in:SharePoint Zero-Days Under Active Exploitation by China-Linked APTs ⚠️ - Microsoft SharePoint on-premise servers are under active attack via a chain of zero-day vulnerabilities (CVE-2025-53770, CVE-2025-53771), allowing unauthenticated Remote Code Execution (RCE) and spoofing. - Microsoft attributes exploitation to China-linked nation-state groups Linen Typhoon (APT27), Violet Typhoon (APT31), and Storm-2603, who are deploying web shells and stealing MachineKeys for persistence. - Emergency patches have been released for SharePoint Server Subscription Edition, 2019, and 2016, but organisations with internet-exposed on-premise servers should assume compromise and rotate ASP.NET machine keys and restart IIS.🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-toolshell-attacks-linked-to-chinese-hackers/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/microsoft/microsoft-sharepoint-toolshell-attacks-linked-to-chinese-hackers/</a> 🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-critical-sharepoint-2016-zero-days-amid-active-exploits/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/microsoft/microsoft-patches-critical-sharepoint-2016-zero-days-amid-active-exploits/</a> 🤫 CyberScoop | <a href="https://cyberscoop.com/microsoft-sharepoint-zero-days-china-typhoon/" rel="nofollow noopener" translate="no" target="_blank">https://cyberscoop.com/microsoft-sharepoint-zero-days-china-typhoon/</a> 🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/07/22/chinese_groups_attacking_microsoft_sharepoint/" rel="nofollow noopener" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2025/07/22/chinese_groups_attacking_microsoft_sharepoint/</a>Cisco ISE RCE Flaws Actively Exploited 🛡️ - Cisco warns of active exploitation of three maximum-severity (CVSS 10.0) unauthenticated Remote Code Execution (RCE) vulnerabilities in Cisco Identity Services Engine (ISE): CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337. - These flaws allow attackers to execute arbitrary commands as root or upload and execute malicious files without authentication. - Immediate patching to ISE 3.3 Patch 7 or ISE 3.4 Patch 2 is critical, as there are no workarounds.🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/cisco-maximum-severity-ise-rce-flaws-now-exploited-in-attacks/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/cisco-maximum-severity-ise-rce-flaws-now-exploited-in-attacks/</a>Recent Cyber Attacks and Breaches 🚨 - Dell confirmed a breach of its "Solution Center" demo environment, stating that the exfiltrated 1.3 TB of data by WorldLeaks (Hunters International rebrand) was "primarily synthetic (fake) data" or non-sensitive. - Hungarian police arrested a 23-year-old suspect, "Hano," for a prolonged series of DDoS attacks against independent media outlets in Hungary and the Vienna-based International Press Institute (IPI) since April 2023. - AMEOS Group, a major Central European healthcare network, disclosed a security breach where external actors gained unauthorised access to IT systems, potentially exposing patient, employee, and partner data, leading to a full IT system shutdown. - A Silicon Valley engineer, Chenguang Gong, pleaded guilty to stealing thousands of trade secrets, including sensitive US missile technology and radiation-hardened camera designs, from his employers, with links to Chinese "talent programs."🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/07/21/dell_scoffs_at_breach/" rel="nofollow noopener" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2025/07/21/dell_scoffs_at_breach/</a> 🗞️ The Record | <a href="https://therecord.media/hungary-arrest-suspect-hacking-independent-media" rel="nofollow noopener" translate="no" target="_blank">https://therecord.media/hungary-arrest-suspect-hacking-independent-media</a> 🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/07/22/engineer_admits_trade_theft/" rel="nofollow noopener" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2025/07/22/engineer_admits_trade_theft/</a> 🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/major-european-healthcare-network-discloses-security-breach/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/major-european-healthcare-network-discloses-security-breach/</a>New Malware and Ransomware Tactics 👾 - CISA and FBI issued a joint warning about escalating Interlock ransomware activity, which targets businesses and critical infrastructure, particularly healthcare, using unusual initial access methods like drive-by downloads from compromised sites and fake browser updates. - Russian cybersecurity researchers disrupted NyashTeam, a Russian-speaking group operating a malware-as-a-service scheme (DCRat, WebRat) since 2022, by dismantling over 110 domains and removing associated Telegram channels and instructional videos. - A new variant of the Coyote banking trojan is abusing Microsoft's UI Automation (UIA) framework to identify banking and cryptocurrency exchange sites, a technique that evades Endpoint Detection and Response (EDR) and marks the first real-world case of UIA abuse for data theft. - Arch Linux removed three malicious packages ("librewolf-fix-bin", "firefox-patch-bin", "zen-browser-patched-bin") from its Arch User Repository (AUR) that were installing the CHAOS Remote Access Trojan (RAT), highlighting the risks of community-maintained repositories.🗞️ The Record | <a href="https://therecord.media/russia-hacker-group-disrupted-local-researchers" rel="nofollow noopener" translate="no" target="_blank">https://therecord.media/russia-hacker-group-disrupted-local-researchers</a> 🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/cisa-and-fbi-warn-of-escalating-interlock-ransomware-attacks/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/cisa-and-fbi-warn-of-escalating-interlock-ransomware-attacks/</a> 🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/07/22/arch_aur_browsers_compromised/" rel="nofollow noopener" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2025/07/22/arch_aur_browsers_compromised/</a> 🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/coyote-malware-abuses-windows-accessibility-framework-for-data-theft/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/coyote-malware-abuses-windows-accessibility-framework-for-data-theft/</a> 🗞️ The Record | <a href="https://therecord.media/fbi-vigilance-interlock-ransomware" rel="nofollow noopener" translate="no" target="_blank">https://therecord.media/fbi-vigilance-interlock-ransomware</a>UK Government's Ransomware Policy Shift 🇬🇧 - The UK government is proposing a ban on ransomware payments by public sector organisations and critical national infrastructure (CNI) to disrupt the criminal business model and make these entities less attractive targets. - New measures, part of the Cyber Resilience Bill, will also mandate reporting of all ransomware incidents to law enforcement and require private businesses to notify the government before making any ransom payments. - While aiming to improve visibility and resilience, concerns remain about the effectiveness of a payment ban on opportunistic attackers and whether law enforcement will have sufficient resources to utilise the increased intelligence.🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/07/22/uk_to_ban_ransomware_payments/" rel="nofollow noopener" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2025/07/22/uk_to_ban_ransomware_payments/</a> 🗞️ The Record | <a href="https://therecord.media/mandatory-reporting-ransomware-attacks-uk-proposal" rel="nofollow noopener" translate="no" target="_blank">https://therecord.media/mandatory-reporting-ransomware-attacks-uk-proposal</a> 🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/security/uk-to-ban-public-sector-orgs-from-paying-ransomware-gangs/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/uk-to-ban-public-sector-orgs-from-paying-ransomware-gangs/</a> 🤫 CyberScoop | <a href="https://cyberscoop.com/uk-ransomware-payment-ban-public-sector-private-business-reporting/" rel="nofollow noopener" translate="no" target="_blank">https://cyberscoop.com/uk-ransomware-payment-ban-public-sector-private-business-reporting/</a>New Wi-Fi Tracking Raises Privacy Concerns 🔒 - Researchers in Italy have developed "WhoFi," a technique that creates a unique biometric identifier for individuals based on how their bodies interfere with Wi-Fi signals (Channel State Information - CSI). - This method allows for re-identification and tracking of people across different Wi-Fi networks with high accuracy (up to 95.5%), even if they are not carrying a device. - The research raises significant privacy concerns, as it enables pervasive surveillance without traditional visual or device-based tracking.🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/07/22/whofi_wifi_identifier/" rel="nofollow noopener" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2025/07/22/whofi_wifi_identifier/</a>CISA CyberSentry Program Funding Lapses 📉 - Funding for CISA's CyberSentry Program, a critical public-private partnership that monitors US critical infrastructure (IT/OT) for nation-state threats, expired on Sunday. - This lapse has forced Lawrence Livermore National Laboratory to stop monitoring networks, creating a significant gap in visibility into potential cyberattacks on essential services. - The incident highlights ongoing instability and funding challenges within CISA and the broader federal government, impacting vital cybersecurity initiatives.🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/07/22/lapsed_cisa_funding_cybersentry/" rel="nofollow noopener" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2025/07/22/lapsed_cisa_funding_cybersentry/</a>Open Source Security: Eyeballs and Trust 👀 - An opinion piece highlights that while open source software benefits from "many eyes" for security, this doesn't come for free; trust is built through clear communication and defensive coding. - Automated scanners can misidentify benign, low-level system utilities as malware, as demonstrated by John Hammond's analysis of the "Talon" Windows de-bloater. - Developers of open source tools that perform system-wide modifications should provide thorough documentation and and comments to clarify their intent and avoid triggering suspicion.🕵🏼 The Register | <a href="https://go.theregister.com/feed/www.theregister.com/2025/07/22/open_source_windows_security_opinion_column/" rel="nofollow noopener" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2025/07/22/open_source_windows_security_opinion_column/</a>Windows Server Update Issues ⚙️ - Microsoft has acknowledged a known issue where the July 8th Windows Server 2019 security update (KB5062557) causes the Cluster service to repeatedly stop and restart. - This bug can prevent nodes from rejoining clusters, lead to virtual machine restarts, and trigger Event ID 7031 errors, especially on systems with BitLocker enabled on Cluster Shared Volumes (CSV) drives. - While a mitigation is available, Microsoft has not yet rolled it out publicly and is advising affected organisations to contact business support for assistance.🤖 Bleeping Computer | <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-server-kb5062557-causes-cluster-vm-issues/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/microsoft/microsoft-windows-server-kb5062557-causes-cluster-vm-issues/</a><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/ThreatIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatIntelligence</a> <a href="https://infosec.exchange/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://infosec.exchange/tags/RCE" class="mention hashtag" rel="nofollow noopener" target="_blank">#RCE</a> <a href="https://infosec.exchange/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#SharePoint</a> <a href="https://infosec.exchange/tags/CiscoISE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CiscoISE</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/APT" class="mention hashtag" rel="nofollow noopener" target="_blank">#APT</a> <a href="https://infosec.exchange/tags/NationState" class="mention hashtag" rel="nofollow noopener" target="_blank">#NationState</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> <a href="https://infosec.exchange/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataBreach</a> <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a> <a href="https://infosec.exchange/tags/UKGov" class="mention hashtag" rel="nofollow noopener" target="_blank">#UKGov</a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#CISA</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberAttack</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a>

nemo™ 🇺🇦🚨 Chinese state hackers launch stealthy attacks exploiting critical Microsoft SharePoint vulnerabilities in on-prem servers, allowing remote code execution & persistent access. 🌐 Microsoft urges urgent patching to prevent data breaches & maintain security. <a href="https://mas.to/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mas.to/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#Microsoft</a> <a href="https://mas.to/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#SharePoint</a> <a href="https://mas.to/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://mas.to/tags/APT" class="mention hashtag" rel="nofollow noopener" target="_blank">#APT</a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#newz</a> 🔗 <a href="https://cyberinsider.com/microsoft-chinese-state-hackers-target-sharepoint-flaw-in-stealthy-attacks/" rel="nofollow noopener" translate="no" target="_blank">https://cyberinsider.com/microsoft-chinese-state-hackers-target-sharepoint-flaw-in-stealthy-attacks/</a>

Paul Chambers🚧<a href="https://ioc.exchange/@bluetea" class="u-url mention" rel="nofollow noopener" target="_blank">@bluetea</a> Also, here is the release: 🔗 Customer guidance for SharePoint vulnerability CVE-2025-53770 <a href="https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/" rel="nofollow noopener" translate="no" target="_blank">https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/</a><a href="https://archive.ph/Dlhra" rel="nofollow noopener" translate="no" target="_blank">https://archive.ph/Dlhra</a> <a href="https://oldfriends.live/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#SharePoint</a> <a href="https://oldfriends.live/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#CVE</a> <a href="https://oldfriends.live/tags/Hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#Hack</a> <a href="https://oldfriends.live/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://oldfriends.live/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener" target="_blank">@funnymonkey</a>

CybersecKyleVMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin <a href="https://www.bleepingcomputer.com/news/security/vmware-fixes-four-esxi-zero-day-bugs-exploited-at-pwn2own-berlin/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/vmware-fixes-four-esxi-zero-day-bugs-exploited-at-pwn2own-berlin/</a><a href="https://infosec.exchange/tags/vmware" class="mention hashtag" rel="nofollow noopener" target="_blank">#vmware</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#zeroday</a>

CybersecKyleCVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025 <a href="https://securityaffairs.com/180001/hacking/cve-2025-6554-marks-the-fifth-actively-exploited-chrome-zero-day-patched-by-google-in-2025.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/180001/hacking/cve-2025-6554-marks-the-fifth-actively-exploited-chrome-zero-day-patched-by-google-in-2025.html</a><a href="https://infosec.exchange/tags/cyberseurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cyberseurity</a> <a href="https://infosec.exchange/tags/chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#chrome</a> <a href="https://infosec.exchange/tags/Zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#Zeroday</a>

nemo™ 🇺🇦Google has released an emergency Chrome update to patch CVE-2025-6558, a high-severity sandbox escape flaw actively exploited in the wild 🚨. The vulnerability affects ANGLE/GPU components and could let attackers break out of Chrome’s security sandbox via a malicious webpage 💻. This impacts all major platforms and Chrome derivatives—update immediately! 🔗 <a href="https://cyberinsider.com/google-patches-actively-exploited-sandbox-escape-flaw-in-chrome/" rel="nofollow noopener" translate="no" target="_blank">https://cyberinsider.com/google-patches-actively-exploited-sandbox-escape-flaw-in-chrome/</a> <a href="https://mas.to/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#Cybersecurity</a> <a href="https://mas.to/tags/UpdateNow" class="mention hashtag" rel="nofollow noopener" target="_blank">#UpdateNow</a> <a href="https://mas.to/tags/Chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#Chrome</a> <a href="https://mas.to/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#newz</a>

nemo™ 🇺🇦Achtung: Eine kritische Zero-Day-Lücke in Chrome ermöglicht Hackern das Ausbrechen aus der Sandbox! 🚨 Nutzer sollten jetzt sofort updaten, um sich vor Angriffen zu schützen. Mehr Infos dazu im Artikel von golem: <a href="https://www.golem.de/news/google-warnt-zero-day-luecke-in-chrome-laesst-hacker-aus-sandbox-ausbrechen-2507-198152.html" rel="nofollow noopener" translate="no" target="_blank">https://www.golem.de/news/google-warnt-zero-day-luecke-in-chrome-laesst-hacker-aus-sandbox-ausbrechen-2507-198152.html</a> 🔒 <a href="https://mas.to/tags/Chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#Chrome</a> <a href="https://mas.to/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://mas.to/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://mas.to/tags/UpdateJetzt" class="mention hashtag" rel="nofollow noopener" target="_blank">#UpdateJetzt</a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#newz</a>

Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af:<a href="https://kolektiva.social/tags/Japan" class="mention hashtag" rel="nofollow noopener" target="_blank">#Japan</a>-based <a href="https://kolektiva.social/tags/NipponSteel" class="mention hashtag" rel="nofollow noopener" target="_blank">#NipponSteel</a> Solutions on Tuesday disclosed a data breach that resulted from the exploitation of a zero-day vulnerability. <a href="https://kolektiva.social/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberAttacks</a> <a href="https://kolektiva.social/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#DataBreach</a> <a href="https://kolektiva.social/tags/Zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#Zeroday</a> <a href="https://www.securityweek.com/nippon-steel-subsidiary-blames-data-breach-on-zero-day-attack/" rel="nofollow noopener" translate="no" target="_blank">https://www.securityweek.com/nippon-steel-subsidiary-blames-data-breach-on-zero-day-attack/</a>

Mac King :mastodon:Zero Day Staffel 1 ✔️ <a href="https://toot.berlin/tags/serien" class="mention hashtag" rel="nofollow noopener" target="_blank">#serien</a> <a href="https://toot.berlin/tags/serienjunkie" class="mention hashtag" rel="nofollow noopener" target="_blank">#serienjunkie</a> <a href="https://toot.berlin/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://anonsys.net/profile/filme_serien" class="u-url mention" rel="nofollow noopener" target="_blank">@filme_serien</a> <a href="https://www.imdb.com/title/tt23872886/?ref_=ext_shr_other" rel="nofollow noopener" translate="no" target="_blank">https://www.imdb.com/title/tt23872886/?ref_=ext_shr_other</a>

nemo™ 🇺🇦🚨 Google patches a critical V8 vulnerability in Chrome that's being actively exploited! Users urged to update ASAP to stay protected. The flaw (CVE-2025-6554) allows attackers to run code via malicious sites. 🔒💻 <a href="https://mas.to/tags/Chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#Chrome</a> <a href="https://mas.to/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mas.to/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#newz</a> Read more: <a href="https://cyberinsider.com/google-patches-actively-exploited-v8-vulnerability-in-chrome/" rel="nofollow noopener" translate="no" target="_blank">https://cyberinsider.com/google-patches-actively-exploited-v8-vulnerability-in-chrome/</a>

securityaffairs<a href="https://infosec.exchange/tags/China" class="mention hashtag" rel="nofollow noopener" target="_blank">#China</a>-linked group <a href="https://infosec.exchange/tags/Houken" class="mention hashtag" rel="nofollow noopener" target="_blank">#Houken</a> hit French organizations using zero-days <a href="https://securityaffairs.com/179602/apt/china-linked-group-houken-hit-french-organizations-using-zero-days.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/179602/apt/china-linked-group-houken-hit-french-organizations-using-zero-days.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#zeroday</a>

Anne Sverini ☀️Ich habe mir - zu kaum was anderem wegen der Hitze in der Lage - einige Episoden von <a href="https://troet.cafe/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> angeschaut. Ich mag Robert de Niro. Ein klasse Schauspieler. DIe Episoden lassen mich immer wieder an Darth <a href="https://troet.cafe/tags/Trump" class="mention hashtag" rel="nofollow noopener" target="_blank">#Trump</a> denken. Auch so ein egomaner und selbstherrlicher Paranoiker - unfähig zur Selbstkritik. <a href="https://www.imdb.com/de/title/tt23872886/?ref_=nv_sr_srsg_0_tt_8_nm_0_in_0_q_zero%2520day" rel="nofollow noopener" translate="no" target="_blank">https://www.imdb.com/de/title/tt23872886/?ref_=nv_sr_srsg_0_tt_8_nm_0_in_0_q_zero%2520day</a>

Christoph SchmeesZero-Day Sicherheitsloch in Chrome/Chromium wird bereits ausgenutztÜberraschung! Google hat es wieder einmal geschafft, in Chrome eine Sicherheitslücke mit hohem Risiko einzubauen. Diese wird bereits für Angriffe ausgenutzt. Da die Lücke in der JavaScript-Maschine V8 steckt, sind auch Chromium und alle darauf aufbauenden Browser (z.B. Opera oder Vivaldi) betroffen.<a href="https://www.pc-fluesterer.info/wordpress/2025/07/01/zero-day-sicherheitsloch-in-chrome-chromium-wird-bereits-ausgenutzt/" rel="nofollow noopener" translate="no" target="_blank">https://www.pc-fluesterer.info/wordpress/2025/07/01/zero-day-sicherheitsloch-in-chrome-chromium-wird-bereits-ausgenutzt/</a><a href="https://social.tchncs.de/tags/Empfehlung" class="mention hashtag" rel="nofollow noopener" target="_blank">#Empfehlung</a> <a href="https://social.tchncs.de/tags/Warnung" class="mention hashtag" rel="nofollow noopener" target="_blank">#Warnung</a> <a href="https://social.tchncs.de/tags/0day" class="mention hashtag" rel="nofollow noopener" target="_blank">#0day</a> <a href="https://social.tchncs.de/tags/antisoziale" class="mention hashtag" rel="nofollow noopener" target="_blank">#antisoziale</a> <a href="https://social.tchncs.de/tags/browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#browser</a> <a href="https://social.tchncs.de/tags/chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#chrome</a> <a href="https://social.tchncs.de/tags/google" class="mention hashtag" rel="nofollow noopener" target="_blank">#google</a> <a href="https://social.tchncs.de/tags/javascript" class="mention hashtag" rel="nofollow noopener" target="_blank">#javascript</a> <a href="https://social.tchncs.de/tags/sicherheit" class="mention hashtag" rel="nofollow noopener" target="_blank">#sicherheit</a> <a href="https://social.tchncs.de/tags/zeroday" class="mention hashtag" rel="nofollow noopener" target="_blank">#zeroday</a>

Marcel SIneM(S)US<a href="https://social.tchncs.de/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a>: <a href="https://social.tchncs.de/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bluetooth</a>-Lücke macht Millionen Kopfhörer zu Abhörstationen | Security <a href="https://www.heise.de/news/Zero-Day-Bluetooth-Luecke-macht-Millionen-Kopfhoerer-zu-Abhoerstationen-10457857.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Zero-Day-Bluetooth-Luecke-macht-Millionen-Kopfhoerer-zu-Abhoerstationen-10457857.html</a> <a href="https://social.tchncs.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#Exploit</a> <a href="https://social.tchncs.de/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener" target="_blank">#Datenschutz</a> <a href="https://social.tchncs.de/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://social.tchncs.de/tags/surveillance" class="mention hashtag" rel="nofollow noopener" target="_blank">#surveillance</a> <a href="https://social.tchncs.de/tags/%C3%9Cberwachung" class="mention hashtag" rel="nofollow noopener" target="_blank">#Überwachung</a>

Scripter :verified_flashing:Zero-Day: Bluetooth-Lücke macht Millionen Kopfhörer zu Abhörstationen | heise online <a href="https://www.heise.de/news/Zero-Day-Bluetooth-Luecke-macht-Millionen-Kopfhoerer-zu-Abhoerstationen-10457857.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Zero-Day-Bluetooth-Luecke-macht-Millionen-Kopfhoerer-zu-Abhoerstationen-10457857.html</a> <a href="https://social.tchncs.de/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://social.tchncs.de/tags/BluetoothKopfh%C3%B6rer" class="mention hashtag" rel="nofollow noopener" target="_blank">#BluetoothKopfhörer</a> <a href="https://social.tchncs.de/tags/Sicherheitsl%C3%BCcke" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sicherheitslücke</a>

CryptGoat<a href="https://fedifreu.de/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bluetooth</a> was a mistake: Millions of Bluetooth headphones can potentially be turned in eavesdropping devices. Best-seller <a href="https://fedifreu.de/tags/Sony" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sony</a> and <a href="https://fedifreu.de/tags/Bose" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bose</a> <a href="https://fedifreu.de/tags/headphones" class="mention hashtag" rel="nofollow noopener" target="_blank">#headphones</a> are affected by at least some of the disclosed flaws among many others. The true dimension of these flaws is yet unknown as the the vulnerable component is very widely in use under different names.<a href="https://www.heise.de/en/news/Zero-day-Bluetooth-gap-turns-millions-of-headphones-into-listening-stations-10460704.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/Zero-day-Bluetooth-gap-turns-millions-of-headphones-into-listening-stations-10460704.html</a>Disclosure of the vulnerabilities: <a href="https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/" rel="nofollow noopener" translate="no" target="_blank">https://insinuator.net/2025/06/airoha-bluetooth-security-vulnerabilities/</a>No updates or official statements available yet. ☠️ <a href="https://fedifreu.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://fedifreu.de/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a> <a href="https://fedifreu.de/tags/Audio" class="mention hashtag" rel="nofollow noopener" target="_blank">#Audio</a> <a href="https://fedifreu.de/tags/Airoha" class="mention hashtag" rel="nofollow noopener" target="_blank">#Airoha</a> <a href="https://fedifreu.de/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a>

CryptGoat<a href="https://fedifreu.de/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bluetooth</a> was a mistake: "Zero-Day: Bluetooth-Lücke macht Millionen Kopfhörer zu Abhörstationen" <a href="https://www.heise.de/news/Zero-Day-Bluetooth-Luecke-macht-Millionen-Kopfhoerer-zu-Abhoerstationen-10457857.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Zero-Day-Bluetooth-Luecke-macht-Millionen-Kopfhoerer-zu-Abhoerstationen-10457857.html</a>Da sind u.a. extrem beliebte <a href="https://fedifreu.de/tags/Sony" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sony</a> und <a href="https://fedifreu.de/tags/Bose" class="mention hashtag" rel="nofollow noopener" target="_blank">#Bose</a>, <a href="https://fedifreu.de/tags/Kopfh%C3%B6rer" class="mention hashtag" rel="nofollow noopener" target="_blank">#Kopfhörer</a> betroffen. Updates gibt es noch keine. ☠️ <a href="https://fedifreu.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://fedifreu.de/tags/Headphones" class="mention hashtag" rel="nofollow noopener" target="_blank">#Headphones</a> <a href="https://fedifreu.de/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#ZeroDay</a> <a href="https://fedifreu.de/tags/Audio" class="mention hashtag" rel="nofollow noopener" target="_blank">#Audio</a> <a href="https://fedifreu.de/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#Privacy</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#zeroday