Vergleich von 30. April 2026 mit dem Vortag 23. April 2026.
This is a newly disclosed vulnerability with no active attack campaigns reported yet, but it enables unauthenticated remote code execution via a rogue DHCP server, which is particularly dangerous for manufacturing networks with DHCP clients.
This is a patch reminder for a Linux kernel vulnerability that could allow unprivileged users to gain root access, but no active exploitation or campaign details are provided.
This is a newly disclosed high-severity Linux kernel vulnerability that allows unprivileged local users to gain root access, but no active exploitation campaigns have been reported yet.
This alert goes beyond a patch reminder by indicating active exploitation of a Windows zero-day, which increases urgency for Joel Traber AG to apply mitigations immediately.
This is a newly disclosed Linux vulnerability that allows unauthenticated root access on major distributions, requiring immediate patching.
Highlights widespread exposure of industrial control systems via RDP/VNC, increasing risk for manufacturing firms like Joel Traber AG.
This vulnerability has been present in the Linux kernel since 2017 and allows local privilege escalation to root, posing a significant risk to servers running Ubuntu 24.04 and Debian 12.
This describes an active supply chain campaign targeting SAP-related npm packages with credential-stealing malware, which could compromise development environments and lead to lateral movement into SAP systems.
This is an active supply-chain attack targeting SAP npm packages to steal credentials and tokens, not just a vulnerability disclosure.
Provides actionable guidance for adapting Zero Trust to OT environments, which is critical for protecting Siemens S7 PLCs and other industrial systems from modern cyber threats.
Keine Änderungen in dieser Kategorie.
Keine Änderungen in dieser Kategorie.
FIRESTARTER backdoor provides persistent access on Cisco ASA/FTD devices, enabling long-term espionage and lateral movement.
UAT-4356 is actively exploiting two zero-day vulnerabilities in Cisco Firepower devices to deploy the FIRESTARTER backdoor, indicating a targeted campaign against network security appliances.
This CVE is actively exploited and added to CISA's KEV catalog, requiring immediate patching for Defender for Endpoint.
This is a patch notification with no evidence of active exploitation or specific targeting of manufacturing firms.
This alert is a standard patch notification with no evidence of active exploitation or specific targeting; it adds no new insight beyond the need to apply the out-of-band update.
No active exploitation or campaign details provided; this is a standard patch advisory.
This is a patch reminder for a DoS vulnerability in GitLab CE/EE; no active attack campaign or sector-specific targeting is described.
This is a patch notification for a DoS vulnerability in GitLab CE/EE; no active exploitation or campaign details are provided.
This vulnerability allows unauthenticated attackers to access tokens in the Storybook environment, which could lead to further compromise of GitLab repositories and CI/CD pipelines.
This is a patch advisory with no evidence of active exploitation or specific attack campaigns beyond the CVE details.
This is a patch reminder for a GitLab XSS vulnerability with no evidence of active exploitation or specific threat actor involvement.
This is a patch reminder with no evidence of active exploitation or specific TTPs beyond the advisory.
This CVE affects Siemens Industrial Edge Management, a platform used to manage edge devices in industrial environments, which could allow an attacker to compromise industrial operations.
This is a patch reminder for a GitLab vulnerability that could expose confidential issue titles in public projects, but no active exploitation or specific campaign is mentioned.
This is a patch reminder; no active exploitation or campaign details are provided beyond the CVE description.
This vulnerability affects the TPM 2.0 firmware in Siemens SIMATIC industrial PCs, potentially allowing attackers to compromise hardware security modules in manufacturing environments.
This vulnerability in Siemens industrial network management software could allow remote code execution or denial of service in OT environments.
This CVE affects Siemens industrial network management software, potentially impacting OT network visibility and control in manufacturing environments.
This CVE affects Siemens industrial access management, potentially allowing unauthorized access to critical manufacturing infrastructure.
This CVE affects Siemens Analytics Toolkit, which may be used in conjunction with S7 PLCs in the company's manufacturing environment.
This is a patch advisory with no evidence of active exploitation or specific attack campaigns beyond the CVE details.
Multiple CVEs in Siemens SCALANCE devices could allow attackers to compromise industrial network segments, potentially impacting Siemens S7 PLC operations.
This CVE affects Siemens RUGGEDCOM CROSSBOW Station Access Controller, which could be used to compromise industrial control systems in manufacturing environments.
This is a zero-day vulnerability in Windows library-ms that leaks NTLM responses, enabling credential relay attacks against Active Directory.
This is an unpatched 0day vulnerability that could allow attackers to capture NTLM hashes for relay attacks against the company's Active Directory.
This alert goes beyond a patch reminder by confirming active exploitation of the BlueHammer flaw in zero-day attacks, with CISA mandating federal patching, indicating a real and ongoing threat.
Describes TTPs for bypassing MFA to compromise cloud and on-prem identity systems, which are critical for Joel Traber AG's hybrid AD/Entra ID setup.
The alert confirms active exploitation of the SharePoint vulnerability beyond just a patch advisory, with approximately 1,300 instances already under attack.
Reports active exploitation of Windows zero-days beyond mere patch advisories, indicating immediate risk to the company's Windows servers.
Describes a novel custom malware suite deployed via social engineering, with detailed TTPs that can be used to enhance detection rules for Windows and Active Directory environments.
Provides TTPs and defensive measures against China-nexus covert device networks, which could target Joel Traber AG's OT/IT convergence and supply chain.
Provides detailed TTPs and IOCs for Kyber ransomware targeting both Windows and ESXi environments, enabling proactive defense for Joel Traber AG's critical infrastructure.