=====================
= End-of-Day report =
=====================
Timeframe: Thursday 26-03-2026 18:00 − Friday 27-03-2026 18:00
Handler: Guenes Holler
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ IT taken offline: cyberattack leaves port operating with pen and paper ∗∗∗
---------------------------------------------
Spain's Puerto de Vigo is considered an important port for global fishing traffic. After a cyberattack, port operations have to manage without IT.
---------------------------------------------
https://www.golem.de/news/cyberangriff-hacker-legen-it-von-spaniens-groesste...
∗∗∗ Extortion expected: hackers want to monetize massive supply-chain attack ∗∗∗
---------------------------------------------
After devastating attacks on Trivy, LiteLLM and other tools, TeamPCP wants to use the credentials it collected en masse for ransomware attacks.
---------------------------------------------
https://www.golem.de/news/erpressungen-erwartet-hacker-wollen-riesige-supply...
∗∗∗ Digital sleeper cells: hidden Linux malware discovered in telco networks ∗∗∗
---------------------------------------------
Researchers have examined the networks of telco providers and found hidden backdoor malware. Hackers are said to be using it for espionage.
---------------------------------------------
https://www.golem.de/news/digitale-schlaeferzellen-versteckte-linux-malware-...
∗∗∗ China-Linked Red Menshen Uses Stealthy BPFDoor Implants to Spy via Telecom Networks ∗∗∗
---------------------------------------------
A long-term and ongoing campaign attributed to a China-nexus threat actor has embedded itself in telecom networks to conduct espionage against government networks. The strategic positioning activity, which involves implanting and maintaining stealthy access mechanisms within critical environments, has been attributed to Red Menshen, a threat cluster that's also tracked as Earth Bluecrow,
---------------------------------------------
https://thehackernews.com/2026/03/china-linked-red-menshen-uses-stealthy.htm...
∗∗∗ Coruna iOS Kit Reuses 2023 Triangulation Exploit Code in Recent Mass Attacks ∗∗∗
---------------------------------------------
The kernel exploit for two security vulnerabilities used in the recently uncovered Apple iOS exploit kit known as Coruna is an updated version of the same exploit that was used in the Operation Triangulation campaign back in 2023, according to new findings from Kaspersky.
---------------------------------------------
https://thehackernews.com/2026/03/coruna-ios-kit-reuses-2023.html
∗∗∗ LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks ∗∗∗
---------------------------------------------
Cybersecurity researchers have disclosed three security vulnerabilities impacting LangChain and LangGraph that, if successfully exploited, could expose filesystem data, environment secrets, and conversation history. Both LangChain and LangGraph are open-source frameworks that are used to build applications powered by Large Language Models (LLMs).
---------------------------------------------
https://thehackernews.com/2026/03/langchain-langgraph-flaws-expose-files.htm...
∗∗∗ Security boffins scoured the web and found hundreds of valid API keys ∗∗∗
---------------------------------------------
Global banks devs have some cleaning up to do after cloud creds found in website code
Computer security boffins have conducted an analysis of 10 million websites and found almost 2,000 API credentials strewn across 10,000 webpages.
---------------------------------------------
https://go.theregister.com/feed/www.theregister.com/2026/03/27/security_boff...
∗∗∗ 293,000 email accounts leaked: IT incident at plug-in maker Sound Radix ∗∗∗
---------------------------------------------
The Have I Been Pwned project lets you check whether your own email address is part of the data leak at VST plug-in maker Sound Radix.
---------------------------------------------
https://www.heise.de/news/IT-Vorfall-bei-Musik-Plug-in-Schmiede-Sound-Radix-...
∗∗∗ Qilin: Left Party reports Russian ransomware attack ∗∗∗
---------------------------------------------
The party "Die Linke" is facing a cybersecurity incident; member data, however, is reportedly not affected.
---------------------------------------------
https://heise.de/-11227181
=====================
= Vulnerabilities =
=====================
∗∗∗ Patch now! Malicious-code attacks on AI tool Langflow observed ∗∗∗
---------------------------------------------
Attackers are using a critical vulnerability in Langflow to push malicious code onto PCs and execute it. A security patch is available.
---------------------------------------------
https://www.heise.de/news/Jetzt-patchen-Schadcode-Attacken-auf-KI-Tool-Langf...
∗∗∗ LWN Security updates for Friday ∗∗∗
---------------------------------------------
https://lwn.net/Articles/1065015/