Microsoft
SecScore ●●●○○ 21.05. 18:00
Microsoft Security’s latest updates extend visibility, control, and protection across expanding ecosystems as organizations accelerate AI adoption.
The post What’s new in Microsoft Security: May 2026 appeared first on M…
Microsoft Security
Malware
SecScore ●○○○○ 21.05. 17:30
Unit 42 analyzes npm supply chain evolution post-Shai Hulud. Discover wormable malware, CI/CD persistence, multi-stage attacks and more.
The post The npm Threat Landscape: Attack Surface and Mitigations (Updated May 21…
Unit 42
CVE
SecScore ●●●○○ 21.05. 16:00
Fixed a typographical error. This is an information change only.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 16:00
Added a script to implement a mitigation and removed the manual mitigations. Please read the information to decide if you need to run the provided script.
MSRC Advisories
APT
SecScore ●●●○○ 21.05. 16:00
A Chinese cyber-espionage campaign has been targeting telecommunications providers with newly discovered Linux and Windows malware dubbed Showboat and JFMBackdoor, respectively. [...]
BleepingComputer
CVE
SecScore ●●●○○ 21.05. 15:09
A virtual private network service called 'First VPN,' used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. [...]
BleepingComputer
CVE
SecScore ●●●●● 21.05. 12:55
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender has come under active exploitation in the wild.
The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring syste…
The Hacker News
Microsoft
SecScore ●●●○○ 21.05. 12:30
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do - a user logged in, and the key stored itself automatically. Standard AWS behavior. No one misconfigured anything…
The Hacker News
CVE
SecScore ●●●○○ 21.05. 10:39
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:03
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:03
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:03
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:03
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:03
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:02
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 21.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●●● 21.05. 09:49
On Wednesday, Microsoft started rolling out security patches for two Defender vulnerabilities that have been exploited in zero-day attacks. [...]
BleepingComputer
Microsoft
SecScore ●●○○○ 21.05. 08:00
Eine vertiefte Plattform-Kopplung und agentenbasierte Workflows verbinden SAP-Geschäftsprozesse direkt mit der Microsoft-Cloud-Infrastruktur.
MS Techwiese
CVE
SecScore ●●●●○ 21.05. 05:45
In January 2021, the parody site Windows93 suffered a data breach of the Myspace93 sub-site after a beta application was exploited to download server files. The compromised data was later leaked in June and included 46k…
HaveIBeenPwned
CVE
SecScore ●●●●● 20.05. 23:19
Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks. [...]
BleepingComputer
Breach
SecScore ●●●○○ 20.05. 19:48
Compromised @antv npm packages deploy the Mini Shai-Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and targets credentials across GitHub, AWS, Kube…
Microsoft Security
CVE
SecScore ●●●○○ 20.05. 19:06
Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents.
RAMPART, short for Risk Assessment and Measurement…
The Hacker News
Microsoft
SecScore ●●●○○ 20.05. 18:00
Read about the unique challenges and rewards of securing gaming platforms and how to better protect gaming communities.
The post Securing the gaming culture of cultures appeared first on Microsoft Security Blog.
Microsoft Security
CVE
SecScore ●●●○○ 20.05. 17:00
The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing your email, retrie…
Microsoft Security
Ransomware
SecScore ●●●●○ 20.05. 16:36
Microsoft on Tuesday said it disrupted a malware-signing-as-a-service (MSaaS) operation that weaponized the company's Artifact Signing system to deliver malicious code and conduct ransomware and other attacks, compromis…
The Hacker News
CVE
SecScore ●●●●○ 20.05. 16:00
Today's changes were made in error and have been reverted. This is an informational change only.
MSRC Advisories
CVE
SecScore ●●●●○ 20.05. 16:00
The security impact for this vulnerability has been revised from Critical to Important. In addition, the CVSS vector and FAQs were modified. This change does not affect the available security updates. Customers should …
MSRC Advisories
APT
SecScore ●●●○○ 20.05. 14:51
Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&a…
The Hacker News
CVE
SecScore ●●●●● 20.05. 14:00
CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability
CVE-2009-1537 Micro…
CISA Advisories
CVE
SecScore ●●●○○ 20.05. 13:38
GitHub on Tuesday said it's investigating unauthorized access to its internal repositories after the notorious threat actor known as TeamPCP listed the platform's source code and internal organizations for sale on a cyb…
The Hacker News
CVE
SecScore ●●●○○ 20.05. 12:52
PinTheft, a recently patched Linux privilege escalation vulnerability, now has a publicly available proof-of-concept (PoC) exploit that allows local attackers to gain root privileges on Arch Linux systems. [...]
BleepingComputer
Malware
SecScore ●○○○○ 20.05. 12:00
Unit 42 analyzes TamperedChef malware clusters that use trojanized productivity apps and malvertising to deliver stealthy payloads to targets.
The post Tracking TamperedChef Clusters via Certificate and Code Reuse appe…
Unit 42
CVE
SecScore ●●●○○ 20.05. 10:40
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 20.05. 10:39
Information published.
MSRC Advisories
CVE
SecScore ●●●●● 20.05. 10:28
Microsoft on Tuesday released a mitigation for a BitLocker bypass vulnerability named YellowKey following its public disclosure last week.
The zero-day flaw, now tracked as CVE-2026-45585, carries a CVSS score of 6.8. …
The Hacker News
CVE
SecScore ●●●○○ 20.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 20.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 20.05. 10:01
Information published.
MSRC Advisories
Microsoft
SecScore ●●○○○ 20.05. 08:00
Drei fundamentale technologische Verschiebungen definieren die Daten- und Anwendungsarchitektur für datenintensive KI-Systeme neu.
MS Techwiese
APT
SecScore ●●●○○ 19.05. 17:07
Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other cybercriminals, including Vanilla Tempest and Storm groups, to more effectively distribute malicious cod…
Microsoft Security
CVE
SecScore ●●●●○ 19.05. 16:56
Proof-of-concept (PoC) exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation (LPE).
Dubbed DirtyDecrypt (aka DirtyCBC), the vulnerabi…
The Hacker News
CVE
SecScore ●●●●● 19.05. 16:00
Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best pra…
MSRC Advisories
Breach
SecScore ●●●●○ 19.05. 13:30
In February 2026, a phishing-as-a-service (PhaaS) platform called EvilTokens went live. Within five weeks, it had compromised more than 340 Microsoft 365 organizations across five countries.
The targets of the pl…
The Hacker News
CVE
SecScore ●●●●○ 19.05. 11:23
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to re…
The Hacker News
CVE
SecScore ●●●○○ 19.05. 10:43
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 19.05. 10:42
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 19.05. 10:39
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 19.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 19.05. 10:01
Information published.
MSRC Advisories
CVE
SecScore ●●●○○ 19.05. 10:01
Information published.
MSRC Advisories
Microsoft
SecScore ●●○○○ 19.05. 08:00
Microsoft vertieft das Engagement im PostgreSQL-Ökosystem durch signifikante Upstream-Beiträge, KI-Integrationen und spezialisierte Deployment-Modelle.
MS Techwiese
APT
SecScore ●●●○○ 19.05. 07:28
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them…
The Hacker News
Breach
SecScore ●●●○○ 19.05. 06:54
Cybersecurity researchers have discovered a fresh software supply chain attack campaign that has compromised various npm packages associated with the @antv ecosystem as part of the ongoing Mini Shai-Hulud attack wave.
…
The Hacker News
CVE
SecScore ●●●○○ 19.05. 02:00
Brute-force attempts against SMB services can be early signs of an attackCategories: Threat ResearchTags: Ransomware, WantToCry, SMB
Sophos X-Ops
CVE
SecScore ●●●●○ 19.05. 00:42
Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft without using malware. This incident shows how threat actors can exploit trusted systems to operat…
Microsoft Security
Microsoft
SecScore ●●●○○ 18.05. 18:00
See how built-in security helps keep your growing business running, protect customer trust, and support growth.
The post How to better protect your growing business in an AI-powered world appeared first on Microsoft Sec…
Microsoft Security
CVE
SecScore ●●●●○ 18.05. 15:50
Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: …
The Hacker News
Phishing
SecScore ●●●○○ 18.05. 15:00
What happens when a phishing email looks clean enough to pass through security, but dangerous enough to expose the business after one click? That is the gap many SOCs still struggle with: the attacks that leave teams un…
The Hacker News
Microsoft
SecScore ●●○○○ 18.05. 14:24
Dieses E-Book zeigt, warum digitale Souveränität zur zentralen Führungsaufgabe wird und welche Fragen Unternehmen jetzt stellen müssen, um Innovation, Compliance und Kontrolle in Balance zu bringen.
MS Techwiese
CVE
SecScore ●●●○○ 18.05. 12:54
Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.
Topping the list is a critical f…
The Hacker News
CVE
SecScore ●●●●● 18.05. 10:57
Chaotic Eclipse, the security researcher behind the recently disclosed Windows flaws, YellowKey and GreenPlasma, has released a proof-of-concept (PoC) for a Windows privilege escalation zero-day flaw that grants attacke…
The Hacker News
Microsoft
SecScore ●●○○○ 18.05. 07:38
Neuigkeiten vom Red Hat Summit 2026 zu Virtualisierung, Zero-Trust-Sicherheit und GPU-Infrastruktur für den produktiven KI-Einsatz auf Azure.
MS Techwiese
CVE
SecScore ●●●●○ 17.05. 13:57
A newly disclosed security flaw impacting NGINX Plus and NGINX Open has come under active exploitation in the wild, days after its public disclosure, according to VulnCheck.
The vulnerability, tracked as CVE-2026-42945 …
The Hacker News
CVE
SecScore ●●●○○ 16.05. 17:20
A critical security vulnerability impacting the
Funnel Builder
plugin for WordPress has come under active exploitation in the wild to
inject malicious JavaScript code
into WooCommerce checkout pages with the goa…
The Hacker News
CVE
SecScore ●●●●● 15.05. 14:00
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CVE-2026-42897 Microsoft Exchange Server Cross-Site Scripting Vulnerability
This typ…
CISA Advisories
CVE
SecScore ●○○○○ 15.05. 12:00
Unit 42 analyzes the evolution of Gremlin stealer. This variant uses advanced obfuscation, crypto clipping and session hijacking to compromise data.
The post Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight…
Unit 42
CVE
SecScore ●●●●● 15.05. 08:19
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild.
The vulnerability, tracked as CVE-2026-42897 (CVSS score…
The Hacker News
Microsoft
SecScore ●●○○○ 15.05. 07:39
Das fünftägige Digital-Event bietet IT-Pros und Developern praxisnahe Strategien für die Implementierung von Agentic AI und modernen Dateninfrastrukturen.
MS Techwiese
CVE
SecScore ●●●○○ 15.05. 07:28
The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited Vulnerabilities (KEV) catalog, requirin…
The Hacker News
CVE
SecScore ●●●●○ 14.05. 18:02
Cisco Talos is tracking the active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN v…
Talos Intelligence
Microsoft
SecScore ●●●○○ 14.05. 18:00
As AI agents gain autonomy, defense in depth must evolve, with application-layer design, identity, and human oversight at the center.
The post Defense in depth for autonomous AI agents appeared first on Microsoft Securi…
Microsoft Security
APT
SecScore ●●●○○ 14.05. 17:00
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused operations. Over time, …
Microsoft Security
CVE
SecScore ●●●●○ 14.05. 16:20
Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets by threat actors. Learn how exploitable misconfigurations lead to RCE and data leaks.
The post Wh…
Microsoft Security
Blog
SecScore ●○○○○ 14.05. 05:49
Today, we welcome the 44th government onboarded to Have I Been Pwned’s free gov service: The Bahamas. The National Computer Incident Response Team of The Bahamas, CIRT-BS, now has access to monitor government dom…
Troy Hunt
Microsoft
SecScore ●●○○○ 13.05. 07:38
Azure IaaS implementiert eine mehrschichtige Sicherheitsarchitektur basierend auf der Secure Future Initiative für umfassenden Schutz von Infrastruktur-Workloads.
MS Techwiese
CVE
SecScore ●●●○○ 13.05. 02:00
With advisories, this month’s count approaches 300 – though many are already in placeCategories: Threat Research, X-opsTags: Patch Tuesday, MICROSOFT PATCH TUESDAY
Sophos X-Ops
CVE
SecScore ●●●○○ 12.05. 21:57
Microsoft has released its monthly security update for May 2026, which includes 137 vulnerabilities affecting a range of products, including 16 that Microsoft marked as “critical”.
Talos Intelligence
Microsoft
SecScore ●●○○○ 12.05. 07:35
Die Microsoft Build 2026 rückt die Entwicklung und Skalierung von Agenten-Workflows sowie Multi-Model-Systemen für die globale Developer-Community in den Mittelpunkt.
MS Techwiese
CVE
SecScore ●●●○○ 12.05. 02:00
How the unique anti-exploitation capabilities included with Sophos Endpoint blocked a supply chain attack.Categories: Products & ServicesTags: Endpoint, Sophos Endpoint, Exploits
Sophos X-Ops
CVE
SecScore ●●●○○ 12.05. 00:00
Unit 42 analyzes AD CS exploitation through template misconfigurations and shadow credential misuse while offering behavioral detection for defenders.
The post Inside AD CS Escalation: Unpacking Advanced Misuse Techniqu…
Unit 42
CVE
SecScore ●●●●● 11.05. 16:05
The EtherRAT malware family was first reported by Sysdig back in December 2025. At that time, the initial access vector was exploitation of CVE-2025-55182 (React2Shell) targeting Linux servers. In March 2026, a Windows …
The DFIR Report
Microsoft
SecScore ●●●○○ 11.05. 07:32
Agent 365 ermöglicht die herstellerübergreifende Observability, Governance und Absicherung von KI-Agenten.
MS Techwiese
CVE
SecScore ●●●○○ 08.05. 07:29
Was hat sich in der vergangenen Woche für Developer und IT-Pros getan? Was waren die wichtigsten Ankündigungen? Gab es neue Lernressourcen? Unser TechWiese-Team hat jede Menge Links für dich zusammengestellt.
MS Techwiese
Microsoft
SecScore ●●●○○ 07.05. 10:24
KI skalieren, Daten vereinheitlichen, souverän in der Cloud agieren: Die Microsoft Cloud & AI Frontier Week bringt vom 22. bis 26. Juni 2026 spannende Sessions direkt auf deinen Rechner.
MS Techwiese
Microsoft
SecScore ●●○○○ 07.05. 08:31
Unternehmen können nun eigene Modell-Gateways wie Azure API Management direkt mit dem Foundry Agent Service verbinden.
MS Techwiese
CVE
SecScore ●●●●● 07.05. 02:00
Unit 42 details CVE-2026-0300, a buffer overflow vulnerability in the PAN-OS User-ID Authentication Portal. Read now for details.
The post Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticate…
Unit 42
CVE
SecScore ●○○○○ 06.05. 02:14
It's a fascinating display of leverage: the ShinyHunters folks, with very limited resources and experience (their demographic will be teenagers to their early 20s), consistently gaining access to the data of massiv…
Troy Hunt
CVE
SecScore ●○○○○ 06.05. 01:00
Copy Fail (CVE-2026-31431) is a critical Linux kernel LPE that allows stealthy root access. This flaw impacts millions of systems. Read our analysis.
The post Copy Fail: What You Need to Know About the Most Severe Linux…
Unit 42
Microsoft
SecScore ●●●○○ 04.05. 18:00
Security for cloud infrastructure is no longer defined by a single control, product, or boundary. Modern threats target identity, software supply chains, control planes, networks, and data simultaneously.
The post Azure…
Azure Security Blog
CVE
SecScore ●●●○○ 04.05. 08:24
Das Update 2604 ermöglicht die unabhängige Skalierung von Compute- und Storage-Ressourcen sowie die Integration bestehender SAN-Infrastrukturen in Azure-konsistente Umgebungen.
MS Techwiese
CVE
SecScore ●○○○○ 02.05. 01:00
Unit 42 highlights the need for a comprehensive security strategy that spans every IT zone. Explore the full details here.
The post Essential Data Sources for Detection Beyond the Endpoint appeared first on Unit 42.
Unit 42
CVE
SecScore ●○○○○ 01.05. 00:00
Unit 42 uncovers high-risk AI browser extensions. Disguised as productivity tools, they steal data, intercept prompts, and exfiltrate passwords. Protect your browser.
The post That AI Extension Helping You Write Emails?…
Unit 42
CVE
SecScore ●●●○○ 30.04. 20:00
As cloud workloads become more agentic and AI systems handle increasingly sensitive data, trust must be engineered directly into infrastructure. Azure Integrated HSM brings hardware‑enforced key protection into Azure, e…
Azure Security Blog
Microsoft
SecScore ●●●○○ 30.04. 08:28
Eine neue, zentralisierte Ingestion-Ebene optimiert Durchsatz, Ausfallsicherheit und Kosten für großflächige Observability-Szenarien.
MS Techwiese
APT
SecScore ●●○○○ 29.04. 12:00
Just as AI brings time-saving advantages to our lives, it brings similar advantages to threat actors. We can take the advantage back. This blog shows how generative AI can be used to rapidly deploy adaptive honeypot sys…
Talos Intelligence
Microsoft
SecScore ●●○○○ 28.04. 15:23
With attackers moving faster than ever, it’s easy to feel overwhelmed. This blog breaks down five practical priorities from the Cisco Talos 2025 Year in Review to help defenders focus and prioritize, amidst all the nois…
Talos Intelligence
Microsoft
SecScore ●○○○○ 27.04. 08:25
Strategien zur effizienten Verwaltung von Cloud-Ausgaben und zur Maximierung von KI-Investitionen.
MS Techwiese
Microsoft
SecScore ●●○○○ 24.04. 22:30
Unit 42 research reports that TGR-STA-1030 remains an active threat, particularly in Central and South America.
The post TGR-STA-1030: New Activity in Central and South America appeared first on Unit 42.
Unit 42
Microsoft
SecScore ●●○○○ 24.04. 08:28
Ein Blick auf die Microsoft Build 2026 mit Sessions zu KI-Agenten, Cloud-Plattformen und moderner Softwareentwicklung – inklusive Keynote, Highlights und Teilnahmeoptionen.
MS Techwiese
CVE
SecScore ●○○○○ 24.04. 08:21
Was hat sich in der vergangenen Woche für Developer und IT-Pros getan? Was waren die wichtigsten Ankündigungen? Gab es neue Lernressourcen? Unser TechWiese-Team hat jede Menge Links für dich zusammengestellt.
MS Techwiese
APT
SecScore ●●●○○ 23.04. 17:50
DoublePulsar
Advisory
SecScore ●○○○○ 23.04. 14:00
New advisory highlights how to defend against attacker tactics believed to be used by China-linked actors to hide malicious cyber activity.
NCSC UK
Microsoft
SecScore ●●○○○ 22.04. 08:25
Das stabile Release von Azure MCP Server 2.0 ermöglicht den Betrieb als selbstghosteter, remote verwalteter Server für sichere agentische Workflows.
MS Techwiese
CVE
SecScore ●●○○○ 20.04. 12:00
Unit 42 finds frontier AI models enhance vulnerability discovery, acting as full-spectrum security researchers. They enable autonomous zero-day discovery and faster N-day patching.
The post Fracturing Software Security …
Unit 42
Microsoft
SecScore ●●○○○ 20.04. 08:21
Das Smart Tier reduziert den Verwaltungsaufwand für komplexe Lifecycle-Regeln und sorgt für eine höhere Vorhersehbarkeit der Speicherkosten.
MS Techwiese
Phishing
SecScore ●●●○○ 18.04. 00:35
Unit 42 details recent Iranian cyberattack activity, sharing direct observations of phishing, hacktivist activity and cybercrime. We include recommendations for defenders.
The post Threat Brief: Escalation of Cyber Risk…
Unit 42
CVE
SecScore ●●●●○ 17.04. 07:53
Was hat sich in der vergangenen Woche für Developer und IT-Pros getan? Was waren die wichtigsten Ankündigungen? Gab es neue Lernressourcen? Unser TechWiese-Team hat jede Menge Links für dich zusammengestellt.
MS Techwiese
CVE
SecScore ●●●○○ 17.04. 00:00
CVE-2023-33538 allows for command injection in TP-Link routers. We discuss exploitation attempts with payloads characteristic of Mirai botnet malware.
The post A Deep Dive Into Attempted Exploitation of CVE-2023-33538 a…
Unit 42
Microsoft
SecScore ●●○○○ 16.04. 09:00
Foundry Local ermöglicht die Bereitstellung von KI-Features ohne externe Abhängigkeiten oder komplexe Setup-Prozesse auf lokalen Umgebungen.
MS Techwiese
Microsoft
SecScore ●●●●○ 15.04. 12:40
BSI
Microsoft
SecScore ●●○○○ 15.04. 08:30
Integrierte Funktionen in Compute, Storage und Networking ermöglichen den Aufbau einer ausfallsicheren Infrastruktur durch Isolation, Redundanz und automatisierte Wiederherstellung.
MS Techwiese
CVE
SecScore ●●●●● 14.04. 23:47
Microsoft today pushed software updates to fix a staggering 167 security vulnerabilities in its Windows operating systems and related software, including a SharePoint Server zero-day and a publicly disclosed weakness in…
Krebs on Security
CVE
SecScore ●●●●○ 10.04. 08:19
Was hat sich in der vergangenen Woche für Developer und IT-Pros getan? Was waren die wichtigsten Ankündigungen? Gab es neue Lernressourcen? Unser TechWiese-Team hat jede Menge Links für dich zusammengestellt.
MS Techwiese
Microsoft
SecScore ●●○○○ 08.04. 08:54
Von Copilot zu autonomen Agenten: Informiere dich zu den wichtigsten Technologien und wie du sie beim Agentic AI & DevOps Day in München direkt praktisch erlebst.
MS Techwiese
CVE
SecScore ●●●○○ 07.04. 14:00
New advisory warns cyber threat group APT28 have exploited vulnerable edge devices to support malicious operations.
NCSC UK
CVE
SecScore ●●●○○ 07.04. 14:00
Russian cyber actor APT28 exploit vulnerable routers to hijack DNS, enabling adversary‑in‑the‑middle attacks and theft of passwords and authentication tokens.
NCSC UK
Microsoft
SecScore ●○○○○ 07.04. 08:00
Digitale Souveränität ohne Innovationsbremse: Erfahre in unseren Events, wie moderne Cloud-Architekturen Compliance und Skalierbarkeit verbinden, von der Strategie bis zur Praxis.
MS Techwiese
Microsoft
SecScore ●●●○○ 01.04. 18:00
Azure IaaS provides foundational capabilities across compute, storage, and networking to help organizations stay resilient.
The post Azure IaaS: Keep critical applications running with built-in resiliency at scale appea…
Azure Security Blog
CVE
SecScore ●●○○○ 30.03. 14:00
The NCSC is encouraging UK organisations to mitigate an unauthenticated remote code execution vulnerability affecting F5 BIG-IP Access Policy Manager.
NCSC UK
Microsoft
SecScore ●●●●○ 25.03. 12:10
BSI
CVE
SecScore ●●●●○ 04.03. 18:00
As organizations accelerate digital transformation, infrastructure decisions increasingly shape how quickly teams can adopt AI, how reliably applications operate at global scale, and how effectively businesses respond t…
Azure Security Blog
CVE
SecScore ●○○○○ 25.02. 13:00
Agencies strongly encourage immediate investigation of potential compromise of Cisco Catalyst SD-WAN.
NCSC UK
CVE
SecScore ●●●○○ 23.02. 15:09
Key Takeaways An audio version of this report can be found on Spotify, Apple, YouTube, Audible, & Amazon.  This intrusion began in mid-February 2024 after a threat actor exploited a vul…
The DFIR Report
Microsoft
SecScore ●●●○○ 17.02. 17:00
Modern cloud systems are expected to deliver more than uptime. Customers expect consistent performance, the ability to withstand disruption, and confidence that recovery is predictable and intentional.
The post Azure re…
Azure Security Blog
CVE
SecScore ●●●○○ 13.02. 11:25
BSI
CVE
SecScore ●○○○○ 10.12. 13:00
NCSC raises alert on “dangerous” misunderstanding of emergent class of vulnerability in generative artificial intelligence (AI) applications.
NCSC UK
Ransomware
SecScore ●○○○○ 21.11. 00:55
DoublePulsar
APT
SecScore ●●●○○ 05.11. 08:00
We continue to adapt our sovereignty approach—innovating to meet customer needs and regulatory requirements within our Sovereign Public Cloud and Sovereign Private Cloud. We are announcing a new wave of capabilities, bu…
Azure Security Blog
Ransomware
SecScore ●●●●○ 04.11. 22:30
Overview Bumblebee malware has been an initial access tool used by threat actors since late 2021. In 2023 the malware was first reported as using SEO poisoning as a delivery mechanism. Recently in May of 2025 Cyjax repo…
The DFIR Report
APT
SecScore ●○○○○ 03.11. 19:44
DoublePulsar
Microsoft
SecScore ●●●○○ 03.11. 18:00
Microsoft is announcing the preview of Signing Transparency to address software supply chain threats that traditional code signing alone cannot fully prevent, building on the Zero Trust principle of “never trust, always…
Azure Security Blog
Microsoft
SecScore ●●●○○ 28.10. 11:20
BSI
Microsoft
SecScore ●●●○○ 27.10. 12:10
BSI
Microsoft
SecScore ●●●○○ 23.10. 12:01
DoublePulsar
Microsoft
SecScore ●●●○○ 14.10. 20:00
Oracle Database@Azure adds new AI-ready features, expands to 33 regions, and launches new partner and migration programs.
The post Oracle Database@Azure offers new features, regions, and programs to unlock data and AI i…
Azure Security Blog
CVE
SecScore ●●●●● 04.08. 10:15
BSI
Microsoft
SecScore ●●●●○ 01.07. 17:00
Forrester Research shows how Azure helps enterprises scale generative AI securely, overcoming infrastructure and compliance challenges to unlock real business value.
The post Building secure, scalable AI in the cloud wi…
Azure Security Blog
Microsoft
SecScore ●●●○○ 05.06. 17:00
Defend your AI systems with Prompt Shields—a unified API that analyzes inputs to your LLM-based solution to guard against direct and indirect threats.
The post Enhance AI security with Azure Prompt Shields and Azure AI …
Azure Security Blog
CVE
SecScore ●●●○○ 19.05. 02:05
Key Takeaways The DFIR Report Services Table of Contents: Case Summary In late June 2024, an unpatched Confluence server was compromised via CVE-2023-22527, a template injection vulnerability, first from IP address 45.2…
The DFIR Report
Microsoft
SecScore ●●●●○ 14.01. 19:45
BSI