Tageszusammenfassung - 16.07.2026

End-of-Day report

Timeframe: Mittwoch 15-07-2026 18:00 - Donnerstag 16-07-2026 18:00 Handler: Michael Schlagenhaufer Co-Handler: Guenes Holler

News

Have I Been Pwned: 821.100 Datensätze von Messgerätehersteller Fluke ergänzt

Das Have-I-Been-Pwned-Projekt hat 821.100 Kontodaten des Messgeräteherstellers Fluke zur Datenhalde hinzugefügt.

https://heise.de/-11367041

GoSerpent: a persistent threat evolves with sophisticated data collection and exfiltration

Two-phase attacks with the GoSerpent backdoor, Stowaway RAT, ThumbcacheService and other tools aim to steal data from government entities in Southeast Asia.

https://securelist.com/goserpent-backdoor-in-southeast-asia/120687/

Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people's Shark vacuums across the same AWS region: watch the camera, drive the robot, read the map of the house, and take the Wi-Fi password in plaintext.

https://thehackernews.com/2026/07/unpatched-shark-vacuum-flaw-could-let.html

New TELEPUZ Malware Spreads via ClickFix to Steal Data and Run Commands

Cybersecurity researchers have called attention to a new modular malware called TELEPUZ that's been spreading via websites infected with ClickFix lures since late April 2026.

https://thehackernews.com/2026/07/new-telepuz-malware-spreads-via.html

Booking-Betrug per WhatsApp: Gefälschte Nachricht fordert Datenbestätigung

Der Urlaub ist gebucht, die Vorfreude groß, und dann meldet sich plötzlich der Vermieter über WhatsApp: Die Reservierung müsse noch einmal bestätigt werden, sonst drohe die Stornierung. Klingt nach Routine, ist aber eine Falle. Dahinter stecken Kriminelle, die sich Zugang zu echten Buchungsdaten verschafft haben.

https://www.watchlist-internet.at/news/booking-betrug-per-whatsapp/

UAT-11795 deploys novel Starland RAT and bespoke WLDR C2 implant in financially motivated campaign

Cisco Talos is disclosing UAT-11795, a sophisticated, Russian-speaking, financially motivated adversary that has been conducting a malicious campaign targeting users in the U.S. and Europe since at least June 2025.

https://blog.talosintelligence.com/uat-11795-deploys-novel-starland-rat-and-bespoke-wldr-c2-implant-in-financially-motivated-campaign/

Vulnerabilities

Webkonferenztool Zoom: Kontoübernahme aus dem Netz möglich

Zoom hat mehrere Sicherheitslücken in der Webkonferenzsoftware geschlossen. Sie ermöglichen etwa Kontoübernahme aus dem Netz.

https://www.heise.de/news/Webkonferenztool-Zoom-Kontouebernahme-aus-dem-Netz-moeglich-11366838.html

Cisco RoomOS Security Hardening Release: July 2026

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq

Cisco Identity Services Engine Path Traversal Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-xNt7wb2Y

Splunk Security Advisories 2026-07-15 (1x Critical)

https://advisory.splunk.com//advisories

Drupal Security advisories 2026-July-15

https://www.drupal.org/security

LWN Security updates for Thursday

https://lwn.net/Articles/1083201/