Region: dach

All items tagged dach.

• CVE-2026-12569 — PTC Windchill / FlexPLM pre-auth deserialization RCE, exploited, BSI calling admins at 02:30
  in 2026-W25
• Insider and process failures — Munich school data, a lost SSD, and an NHS records caution
  in 2026-W25
• CVE-2026-52806 — Gogs self-hosted Git server: argument injection to OS command execution (BSI critical batch)
  in 2026-06-20
• BSI flags 13 vulnerabilities patched in Zammad 7.1 — admin privilege escalation in a DACH public-sector helpdesk platform
  in 2026-06-18
• Munich: ~120,000 student records suspected on the darknet — terminated employee under investigation
  in 2026-06-17
• UPDATE: Novo Nordisk clarifies stolen-data scope — non-pseudonymised HCP data in play
  in 2026-06-16
• Germany's Bundestag opens first reading of the CRA domestic-implementation bill
  in 2026-W24
• Novo Nordisk discloses theft of clinical-trial and healthcare-professional data
  in 2026-06-13
• CVE-2026-47344 et al. — TYPO3 core June release: 13 CVEs across every supported branch (10.4 ELTS → 14.3 LTS)
  in 2026-06-10
• TA4922 — China-nexus cybercrime cluster expands from Japan into Germany, UK and Italy with native-language lures and Atlas RAT
  in 2026-W23
• Germany's Gesetzentwurf zur Stärkung der Cybersicherheit: cabinet-approved active-cyberdefence powers for BKA, Bundespolizei and BSI
  in 2026-W23
• Proofpoint TA4922: a China-nexus cybercrime cluster expands from Japan into Germany, the UK and Italy with native-language lures and DLL-side-loaded Atlas RAT
  in 2026-06-05
• DesckVB RAT malspam launders through Google DoubleClick and blinds AMSI/ETW, with German-language lures aimed at DACH [SINGLE-SOURCE]
  in 2026-06-04
• Mautic 7.1.2 / 6.0.9 — seven authenticated flaws, including two post-auth RCE paths (SSTI and path-traversal-to-PHP-RCE), an SSRF and an API authorization bypass
  in 2026-05-31
• ILIAS LMS — nine fixes shipped 2026-05-27, two critical access-control gaps (CVSS 9.8 + 9.3), NCSC.ch flags SOAP interface as primary unauthenticated attack surface
  in 2026-05-28
• Germany's federal cabinet approves the Cybersicherheitsstärkungsgesetz — BKA, BSI and Federal Police gain authority to redirect traffic and disable attacker infrastructure
  in 2026-05-28
• Public administration & identity (CH / DACH lead) — the LMS, SSO and e-government estate under multi-product pressure
  in 2026-W22
• Germany's Cybersicherheitsstärkungsgesetz — federal cabinet approves active-cyber-defence powers; Bundestag passage still ahead
  in 2026-W22
• Six German university hospitals lose ~97,600+ patient records to a breach at billing processor Unimed
  in 2026-05-24
• Rhysida claims Stuttgart municipal-data theft for 5 BTC; city denies a confirmed incident
  in 2026-05-23
• Keycloak 26.6.2 — 16 CVEs including OIDC session fixation (CVE-2026-7507), WebAuthn execute-actions token replay (CVE-2026-37982), introspection audience bypass (CVE-2026-37979) and cross-realm IDOR in Authorization Services (CVE-2026-4630)
  in 2026-05-21
• UPDATE: SEPPmail Secure E-Mail Gateway — InfoGuard Labs full technical write-up; new CVE-2026-2743 (CVSS 10.0 pre-auth path traversal in LFT)
  in 2026-05-20
• ARWINI (Lower Saxony statutory-prescription audit body) — investigators confirm data exfiltration after 4 May intrusion; Kairos ransomware group claims 2.87 TB; ~70,000 GDPR Art. 9 records in scope
  in 2026-05-19
• BigBlueButton bbb-web < 3.0.21 / < 3.0.23 — three flaws in EU education and government virtual-classroom platform: weak session-token randomness, API checksum bypass, SSRF
  in 2026-05-19
• CVE-2026-7507 (+15) — Keycloak 26.6.2: identity-provider cluster including OIDC session fixation and cross-realm IDOR
  in 2026-W21
• Healthcare (DACH) — the soft surface is the administrative intermediary, not the hospital
  in 2026-W21
• Education — virtual-classroom platforms and EdTech SaaS exposure
  in 2026-W21
• Six German university hospitals — patient records exfiltrated via billing processor Unimed
  in 2026-W21
• ARWINI (Lower Saxony prescription-audit body) — exfiltration confirmed; Kairos claims 2.87 TB including ~70,000 GDPR Art. 9 records
  in 2026-W21
• Rhysida claims Stuttgart municipal data — city denies a confirmed incident [SINGLE-SOURCE / unconfirmed]
  in 2026-W21
• Check Point April 2026 ransomware analysis — Qilin leads at 15%, Germany at 5% of global victims
  in 2026-W20
• Qilin / Agenda RaaS — April 2026 lead at 15% of global ransomware activity, Germany 5% of global victims
  in 2026-W20
• KRITIS-DachG — German registration deadline 17 July 2026 is now 61 days out
  in 2026-W20
• BKA — Dream Market lead administrator "Speedstepper" arrested in Germany
  in 2026-W20
• Kaspersky GReAT documents Kimsuky's Rust-based HelloDoor and TryCloudflare-tunnel C2 added to the PebbleDash toolkit [SINGLE-SOURCE]
  in 2026-05-17
• BKA arrests Dream Market lead administrator "Speedstepper" in Germany — cryptocurrency-to-physical-gold OPSEC failure after seven years at large
  in 2026-05-16
• BKA and ZIT dismantle relaunched Crimenetwork darknet marketplace; German operator arrested in Mallorca on European Arrest Warrant
  in 2026-05-12
• Škoda Auto Deutschland online-shop breach exposes customer PII and password hashes; logging gap prevents exfiltration confirmation
  in 2026-05-12
• CVE-2026-44128 et al. — SEPPmail Secure Email Gateway: six-CVE cluster on the Swiss public sector's dominant email-encryption appliance
  in 2026-W19
• Media and political (HU, DE)
  in 2026-W19
• JDownloader official site compromised — Windows and Linux installers swapped for ~48 hours
  in 2026-W19
• DENIC .de DNSSEC outage — 3.5 h registry-side trust failure traced to keytag 33834 collision and an alerting-layer fire-without-page
  in 2026-W19
• German LG Berlin II ruling — Apobank liable for €218,000+ phishing loss; PSD2 IP-analytics obligation clarified
  in 2026-W19
• Google Threat Intelligence Group — Europe data-leak landscape 2025
  in 2026-W19
• Qilin / Agenda RaaS — Die Linke confirms Q2 2026 German activity continuity
  in 2026-W19
• The Gentlemen RaaS — Europe-skewed operation surged approximately 448% QoQ; 32% of Q1 2026 victims in Europe; FortiGate CVE-2024-55591 initial-access funnel
  in 2026-W19
• Akira playbook quarterly context — Q1 2026 healthcare concentration; Qilin remains the dominant operator on German healthcare victims
  in 2026-W19
• German LG Berlin II — Apobank ruling sets PSD2 IP-analytics obligation as case law
  in 2026-W19
• Germany KRITIS-DachG in force — public administration first time in critical-infrastructure scope; registration deadline 17 July 2026
  in 2026-W19
• BSI flags Netgate pfSense Community Edition as critical-unpatched — CVE-2025-69690 / CVE-2025-69691 authenticated root RCE, vendor refuses to fix
  in 2026-05-11
• Restrict pfSense CE management interfaces; assume no patch is coming
  in 2026-05-11
• JDownloader official site compromised — Windows and Linux installers swapped for a Python RAT for ~48 hours
  in 2026-05-10
• UPDATE: DENIC .de DNSSEC outage post-mortem — three private keys generated with the same Key Tag (33834); only one DNSKEY published
  in 2026-05-10
• Hunt for trojanised JDownloader installers and unsigned Python child processes
  in 2026-05-10
• DENIC .de DNSSEC outage — faulty key rollover; 3.5 h disruption for German government and public-sector .de domains
  in 2026-05-09
• CVE-2026-44128 et al. — SEPPmail Secure Email Gateway: CVSS 9.3 unauthenticated RCE and five additional CVEs [SINGLE-SOURCE-NATIONAL-CERT carve-out + vendor]
  in 2026-05-09
• German court finds bank liable for sophisticated phishing loss — PSD2/IP-analytics obligations clarified
  in 2026-05-09
• Swiss and DACH Deployment Context
  in 2026-05-09
• Qilin ransomware hits Die Linke (Germany): 1.5 TB claimed, DPA notified (~April 2026, first coverage)
  in 2026-05-08