KI in der Cybersicherheit: Gekommen, um zu bleiben
Post Content
Similar Posts
Stellantis detects breach at third-party provider for North American customers
Bys sReuters reports: Stellantis detected unauthorized access to a third-party service provider’s platform that supports its North American customer service operations, the company said in a statement on Sunday. The automaker said the incident, which is under investigation, exposed only basic contact information and did not involve financial details or sensitive personal data. Stellantis did not……
Two agencies in one state investigated and fined Healthplex. Was that one too many?
Bys sDataBreaches is generally a great fan of state attorneys general taking enforcement action stemming from data breaches where the security was really subpar or the entity did not notify those affected in a reasonable amount of time. But two enforcement actions in New York have me wondering if the state has been a bit unfair……
Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation
Bys sA recently disclosed high-severity security flaw in Apache ActiveMQ Classic has come under active exploitation in the wild, per the U.S. Cybersecurity and Infrastructure Security Agency (CISA). To that end, the agency has added the vulnerability, tracked as CVE-2026-34197 (CVSS score: 8.8), to its Known Exploited Vulnerabilities (KEV) catalog, requiring Federal Civilian
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
Bys sA large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale. Cisco Talos has attributed the operation to a threat cluster it tracks as
Hong Kong issues Code of Practice under the Protection of Critical Infrastructures (Computer Systems) Ordinance
Bys sGabriela Kennedy, Joanna K.C. Wong, and Roslie Liu of Mayer|Brown write: On 1 January 2026, the Office of the Commissioner of Critical Infrastructure (Computer-system Security) issued a Code of Practice (the “CoP”) under the Protection of Critical Infrastructures (Computer Systems) Ordinance (Cap. 653) (the “Ordinance”), which came into force on the same day (see our……
Apple Warns French Users of Fourth Spyware Campaign in 2025, CERT-FR Confirms
Bys sApple has notified users in France of a spyware campaign targeting their devices, according to the Computer Emergency Response Team of France (CERT-FR). The agency said the alerts were sent out on September 3, 2025, making it the fourth time this year that Apple has notified citizens in the county that at least one of…