===================== = End-of-Day report = =====================
Timeframe: Dienstag 23-06-2026 18:00 − Mittwoch 24-06-2026 18:00 Handler: Alexander Riepl Co-Handler: Guenes Holler
===================== = News = =====================
∗∗∗ New macOS ClickFix attack silently mounts DMGs to push infostealer ∗∗∗ --------------------------------------------- A new macOS ClickFix campaign is using Terminal commands to silently download, mount, and launch info-stealing malware from malicious disk image (DMG) files. --------------------------------------------- https://www.bleepingcomputer.com/news/security/new-macos-clickfix-attack-sil...
∗∗∗ Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks ∗∗∗ --------------------------------------------- A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks. --------------------------------------------- https://www.bleepingcomputer.com/news/security/cisco-unified-cm-sme-flaw-cve...
∗∗∗ Stealthy Mistic backdoor linked to ransomware access broker KongTuke ∗∗∗ --------------------------------------------- A new backdoor dubbed Mistic has been observed in financially motivated attacks targeting organizations in the insurance, education, IT, and professional services sectors. --------------------------------------------- https://www.bleepingcomputer.com/news/security/stealthy-mistic-backdoor-link...
∗∗∗ Sicherheitslücke: Millionen von Samsung-Smartphones durch Kernel-Bug gefährdet ∗∗∗ --------------------------------------------- Forscher haben einen gefährlichen Bug im Android-Kernel von Samsung entdeckt, der unzählige Smartphones zwischen Galaxy S9 und S25 betrifft. --------------------------------------------- https://www.golem.de/news/sicherheitsluecke-acht-jahre-alter-kernel-bug-gefa...
∗∗∗ Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root ∗∗∗ --------------------------------------------- Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME).The vulnerability, tracked as CVE-2026-20230 (CVSS score: 8.6), is a case of improper input validation for specific HTTP requests that could allow an unauthenticated, .. --------------------------------------------- https://thehackernews.com/2026/06/cisco-unified-cm-flaw-exploited-after.html
∗∗∗ Home Assistant: Update stopft Informationsleck ∗∗∗ --------------------------------------------- Die jüngeren Home-Assistant-Updates stopfen unter anderem Informationslecks. Zudem gibt es das Home Assistant OS in neuer Version. --------------------------------------------- https://www.heise.de/news/Home-Assistant-Update-stopft-Informationsleck-1134...
∗∗∗ Ubiquiti UniFi OS-Sicherheitslücken werden angegriffen ∗∗∗ --------------------------------------------- Ende Mai wurden kritische Sicherheitslücken in Ubiquiti UniFi OS bekannt. Inzwischen haben Angreifer diese im Visier. --------------------------------------------- https://www.heise.de/news/Ubiquiti-UniFi-OS-Sicherheitsluecken-werden-angegr...
∗∗∗ Cyberkriminelle: Die „Wirtschaftsprüfer“, die Sie nie beauftragt haben ∗∗∗ --------------------------------------------- Jede Organisation wird geprüft. Die Frage ist, wer die Prüfung durchführt. --------------------------------------------- https://www.welivesecurity.com/de/business-security/cyberkriminelle-die-wirt...
∗∗∗ Hackergruppe will den Flughafen Wien angegriffen haben ∗∗∗ --------------------------------------------- Als Beweis wurden Frachtpapiere mit Waffenlieferungen veröffentlicht. Laut dem Flughafen Wien sind keine personenbezogenen Daten darunter --------------------------------------------- https://www.derstandard.at/story/3000000328608/hackergruppe-will-den-flughaf...
∗∗∗ Zoho Corp. ManageEngine: Kritische SSO-Lücke ermöglicht Kontenübernahme ∗∗∗ --------------------------------------------- Angreifer können eine kritische Sicherheitslücke in mehreren Zoho Corp. ManageEngine-Produkten missbrauchen, um Konten zu übernehmen. --------------------------------------------- https://heise.de/-11342888
===================== = Vulnerabilities = =====================
∗∗∗ Security updates for Wednesday ∗∗∗ --------------------------------------------- Security updates have been issued by AlmaLinux (corosync, firefox, kernel, kernel-rt, libpq, memcached, postgresql, postgresql16, postgresql:13, postgresql:16, python-urllib3, python3.14-urllib3, redis:6, skopeo, and vim), Debian (beets, gst-plugins-bad1.0, imagemagick, libmatio, python-urllib3, and u-boot), Fedora (chromium, coturn, frr, grout, materialx, perl-Crypt-DSA, and yt-dlp), Mageia (opensc, perl-Archive-Tar, and podofo), Oracle (fence-agents, libpq, mysql:8.4, and postgresql:16), .. --------------------------------------------- https://lwn.net/Articles/1079365/
∗∗∗ [R1] Tenable Identity Exposure Version 3.93.5 Fixes Multiple Vulnerabilities ∗∗∗ --------------------------------------------- https://www.tenable.com/security/tns-2026-16