End-of-Day report
Timeframe: Wednesday 29-10-2025 18:00 - Thursday 30-10-2025 18:00
Handler: Alexander Riepl
Co-Handler: n/a
News
No fix available: billions of web browsers can be crashed in seconds
A so far unpatched vulnerability affects users of Chromium-based browsers. The software can be crashed within seconds.
https://www.golem.de/news/kein-fix-verfuegbar-milliarden-von-webbrowsern-lassen-sich-in-sekunden-crashen-2510-201687.html
GIMP: Manipulated images can smuggle in malicious code
GIMP version 3.0.6 closes several high-risk vulnerabilities. Attackers can inject malware using crafted images.
https://www.heise.de/news/Bildbarbeitung-GIMP-Version-3-0-6-schliesst-Codeschmuggel-Lecks-10964002.html
Vulnerability: MOVEit Transfer is susceptible to attacks
A patch closes a vulnerability in the file transfer software MOVEit Transfer.
https://www.heise.de/news/Sicherheitsluecke-Angreifer-koennen-Dienst-von-MOVEit-Transfer-einschraenken-10964396.html
USA: Sales ban on TP-Link routers is becoming increasingly likely
The US Department of Commerce is proposing a sales ban on TP-Link routers. Several federal agencies see a security risk due to ties to China.
https://www.heise.de/news/USA-Verkaufsverbot-fuer-TP-Link-Router-wird-immer-wahrscheinlicher-10964555.html
Security awareness: four pillars for staying safe online
When it comes to being security aware, there are seemingly endless things you need to consider. Here are four key areas as a user you can focus on to keep yourself secure.
https://www.pentestpartners.com/security-blog/security-awareness-four-pillars-for-staying-safe-online/
#5TageGegenDeepfakes: Criminals use deepfakes of celebrities for investment scams
Some celebrities enjoy a high level of trust because of their personality. Criminals exploit this and create deepfakes of the celebrities to have them promote fraudulent investments.
https://www.watchlist-internet.at/news/5tagegegendeepfakes-kriminelle-nutzen-deepfakes-von-promis-fuer-investmentscams/
Former Trenchant exec pleads guilty to selling cyber exploits to Russian broker
The former executive sold the trade secrets to a Russian cyber-tools broker that "publicly advertises itself as a reseller of cyber exploits to various customers, including the Russian government," according to the Department of Justice.
https://therecord.media/trenchant-exec-pleads-guilty-russia-secrets
Cyber info sharing "holding steady" despite lapse in CISA 2015, official says
The comments come roughly a month after the expiration of the 2015 Cybersecurity Information Sharing Act, which incentivized private entities to share threat data with the government with antitrust and liability safeguards.
https://therecord.media/cyber-info-sharing-holding-steady-official-says
Russian Hackers Exploit Adaptix Pentesting Tool in Ransomware Attacks
Silent Push warns of Russian hackers exploiting Adaptix, a pentesting tool built for Windows, Linux, and macOS, in ransomware campaigns.
https://hackread.com/russian-hackers-adaptix-pentest-ransomware/
New Guidance Released on Microsoft Exchange Server Security Best Practices
Today, CISA, in partnership with the National Security Agency and international cybersecurity partners, released Microsoft Exchange Server Security Best Practices, a guide to help network defenders harden on-premises Exchange servers against exploitation .. at high risk of compromise. Best practices in this guide focus on hardening user
https://www.cisa.gov/news-events/alerts/2025/10/30/new-guidance-released-microsoft-exchange-server-security-best-practices
Learnings from recent npm supply chain compromises
A look at recent npm supply chain compromises and how we can learn from them to better prepare for future incidents.
https://securitylabs.datadoghq.com/articles/learnings-from-recent-npm-compromises/
Vulnerabilities in LUKS2 disk encryption for confidential VMs
Trail of Bits is disclosing vulnerabilities in eight different confidential computing systems that use Linux Unified Key Setup version 2 (LUKS2) for disk encryption. Using these vulnerabilities, a malicious actor with access to storage disks can extract all confidential data stored on that disk and can modify the contents of the disk arbitrarily. The vulnerabilities are caused by malleable metadata headers that allow an attacker to trick a trusted execution environment guest into encrypting ..
https://blog.trailofbits.com/2025/10/30/vulnerabilities-in-luks2-disk-encryption-for-confidential-vms/
Vulnerabilities
SVD-2025-1011: Third-Party Package Updates in Splunk Operator for Kubernetes Add-on - October 2025
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk Operator for Kubernetes Add-on version 3.0.0 and higher.
https://advisory.splunk.com//advisories/SVD-2025-1011
SVD-2025-1010: Third-Party Package Updates in Splunk AppDynamics Analytics Agent - October 2025
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Analytics Agent version 25.7.0 and higher.
https://advisory.splunk.com//advisories/SVD-2025-1010
SVD-2025-1009: Third-Party Package Updates in Splunk AppDynamics Private Synthetic Agent - October 2025
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Private Synthetic Agent version 25.7.0 and higher.
https://advisory.splunk.com//advisories/SVD-2025-1009
SVD-2025-1008: Third-Party Package Updates in Splunk AppDynamics Machine Agent - October 2025
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Splunk AppDynamics Machine Agent version 25.7.0 and higher.
https://advisory.splunk.com//advisories/SVD-2025-1008
Simple OAuth (OAuth2) & OpenID Connect - Critical - Access bypass - SA-CONTRIB-2025-114
https://www.drupal.org/sa-contrib-2025-114