CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code
Cybersecurity researchers have discovered two malicious Microsoft Visual Studio Code (VS Code) extensions that are advertised as artificial intelligence (AI)-powered coding assistants, but also harbor ...
-
BleepingComputer
Nearly 800,000 Telnet servers exposed to remote attacks
Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...
-
CybersecurityNews
800K+ GNU InetUtils telnetd Instances Exposed to RCE Attacks – PoC Released
A critical authentication bypass vulnerability in the telnetd component of GNU Inetutils has exposed approximately 800,000 internet-accessible Telnet instances to unauthenticated remote code execution ...
-
BleepingComputer
Hackers can bypass npm’s Shai-Hulud defenses via Git dependencies
The defense mechanisms that NPM introduced after the 'Shai-Hulud' supply-chain attacks have weaknesses that allow threat actors to bypass them via Git dependencies. Collectively called PackageGate, th ...
-
security.nl
Broadcom meldt misbruik van kritieke kwetsbaarheid in VMware vCenter
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in VMware vCenter-servers waarvoor op 18 juni 2024 beveiligingsupdates verschenen, zo melden Broadcom en het Amerikaanse cyberagentschap ...
-
The Hacker News
⚡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More
Security failures rarely arrive loudly. They slip in through trusted tools, half-fixed problems, and habits people stop questioning. This week's recap shows that pattern clearly. Attackers are moving ...
-
BleepingComputer
CISA says critical VMware RCE flaw now actively exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical VMware vCenter Server vulnerability as actively exploited and ordered federal agencies to secure their servers w ...
-
CybersecurityNews
Apache Hadoop Vulnerability Exposes Systems Potential Crashes or Data Corruption
A moderate-severity vulnerability in the Hadoop Distributed File System (HDFS) native client could allow attackers to trigger system crashes or corrupt critical data through maliciously crafted URI in ...
-
security.nl
Aanvallers maken actief misbruik van kritieke telnet-kwetsbaarheid
Aanvallers maken actief misbruik van een kritieke telnet-kwetsbaarheid voor het aanvallen van systemen, zo melden de Italiaanse autoriteiten en securitybedrijf GreyNoise. Het beveiligingslek is aanwez ...
-
CybersecurityNews
Attackers Targeting Construction Firms Exploiting Mjobtime App Vulnerability Using MSSQL and IIS POST Request
Attackers are increasingly turning their attention to construction firms by abusing weaknesses in business software that runs on their job sites. One of the newest targets is the Mjobtime construction ...