CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
CISA Adds Five Enterprise Software Flaws to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five enterprise software flaws to its Known Exploited Vulnerabilities (KEV) Catalog in an 18-hour span. On January 22, CISA a ...
-
The Register
Patch or die: VMware vCenter Server bug fixed in 2024 under attack today
You've got to keep your software updated. Some unknown miscreants are exploiting a critical VMware vCenter Server bug more than a year after Broadcom patched the flaw. The vulnerability, tracked as CV ...
-
CybersecurityNews
20,000 WordPress Sites Affected by Backdoor Vulnerability Allowing Malicious Admin User Creation
A critical backdoor vulnerability has been discovered in the LA-Studio Element Kit for Elementor, a popular WordPress plugin used by more than 20,000 active sites. This security flaw allows attackers ...
-
BleepingComputer
CISA confirms active exploitation of four enterprise software bugs
The Cybersecurity and Infrastructure Security Agency (CISA) in the U.S. warned of active exploitation of four vulnerabilities impacting enterprise software from Versa and Zimbra, the Vite frontend too ...
-
BleepingComputer
Hackers exploit critical telnetd auth bypass flaw to get root
A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present in the GNU InetUtils telnetd server for 11 years. The security issue is tr ...
-
security.nl
Kritieke lekken in Microsoft Copilot konden aanvaller informatie laten stelen
Microsoft heeft kritieke kwetsbaarheden in AI-chatbot Copilot gepatcht waardoor aanvallers informatie van gebruikers konden stelen. De "information disclosure" kwetsbaarheden waren aanwezig in Word Co ...
-
The Hacker News
CISA Updates KEV Catalog with Four Actively Exploited Software Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in t ...
-
The Register
Fortinet admits FortiGate SSO bug still exploitable despite December patch
Fortinet has confirmed that attackers are actively bypassing a December patch for a critical FortiCloud single sign-on (SSO) authentication flaw after customers reported suspicious logins on devices s ...
-
The Hacker News
Fortinet Confirms Active FortiCloud SSO Bypass on Fully Patched FortiGate Firewalls
Fortinet has officially confirmed that it's working to completely plug a FortiCloud SSO authentication bypass vulnerability following reports of fresh exploitation activity on fully-patched firewalls. ...
-
CybersecurityNews
Fortinet Confirms Active Exploitation of FortiCloud SSO Authentication Bypass Vulnerability
Fortinet confirms active exploitation of a FortiCloud SSO authentication bypass vulnerability, with a new automated campaign targeting even fully patched FortiGate devices. Cybersecurity firm Arctic W ...