NEU Microsoft
23 20th April – Threat Intelligence Report
Multiple zero-days (BlueHammer, RedSun, UnDefend) in Microsoft Defender are being actively exploited, requiring immediate patching.
Niedrig
Was hat sich geändert?
Vergleich von 20. April 2026 mit dem Vortag 13. April 2026.
Neu hinzugekommen
7 NEU Linux
20 CVE-2026-31430
The vulnerability can be triggered by an unprivileged user via the keyrings API, enabling local privilege escalation.
Niedrig
EPSS
0%
NEU Microsoft
0 Ungepatchte Windows-Zero-Days RedSun, UnDefend und BlueHammer werden attackiert
Describes active exploitation of multiple unpatched Windows zero-days (RedSun, UnDefend, BlueHammer) in the wild, indicating immediate risk beyond a standard patch advisory.
Niedrig
NEU Microsoft
0 Zero-Day-Lücken unter Beschuss: Angriffe auf Windows-Systeme beobachtet
Describes an active attack campaign exploiting zero-day vulnerabilities in Windows systems, indicating immediate defensive action is required.
Niedrig
NEU Microsoft
0 Microsoft: Teams increasingly abused in helpdesk impersonation attacks
Describes an active campaign where attackers are specifically abusing external Teams access for helpdesk impersonation, a novel social engineering vector.
Niedrig
NEU Microsoft
0 Microsoft releases emergency updates to fix Windows Server issues
Highlights emergency, out-of-band updates to resolve critical stability or security issues introduced by a recent patch cycle.
Niedrig
NEU
0 DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy
Provides insight into the TTPs of a threat actor using SystemBC malware for C2 and lateral movement within a Windows domain environment.
Niedrig
Neu als KEV gelistet
0Keine Änderungen in dieser Kategorie.
Score-Sprung
0Keine Änderungen in dieser Kategorie.
Nicht mehr im Report
5 NEU Siemens
100 CVE-2026-34856
Hoch
CVSS
7.3
EPSS
0%
NEU
100 CVE-2026-5936
The alert highlights the specific risk of SSRF being used to probe internal services and cloud metadata, which is a critical attack path beyond just patching.
Hoch
CVSS
8.5
EPSS
0%
NEU Palo Alto Networks
85 CVE-2026-0233
This vulnerability allows unauthenticated attackers with adjacent network access to achieve SYSTEM privileges through certificate validation flaws.
Kritisch
EPSS
0%
NEU Siemens
64 CVE-2026-34858
Hoch
CVSS
4.1
EPSS
0%
NEU Palo Alto Networks
20 CVE-2026-0232
Describes a specific attack vector where malware could leverage local admin rights to disable detection, moving beyond a simple patch notification.
Hoch
EPSS
0%