Cyber Newsroom Feed

The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.

  • Cybersecurity News
Exploit Kits, Cryptominers, Proxyjackers: The New Face of Selenium Grid Abuse

Researchers at Cado Security Labs have uncovered two malicious campaigns that exploit misconfigured instances of Selenium Grid. Once a trusted tool for browser automation and testing, Selenium Grid ha ... Read more

Published Date: Sep 17, 2024 (3 months ago)
  • The Register
Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day

Analysis Microsoft, in a low-key update to its September Patch Tuesday disclosures, has confirmed a just-fixed Internet Explorer vulnerability was exploited as a zero-day before it could be patched. R ... Read more

Published Date: Sep 17, 2024 (3 months ago)
  • Cybersecurity News
Hadooken Malware: A New Threat to WebLogic Servers

The entire attack flow | Image: Aqua NautilusCybersecurity researchers at Aqua Nautilus have discovered a new Linux malware strain, dubbed “Hadooken,” that is specifically targeting Oracle WebLogic se ... Read more

Published Date: Sep 16, 2024 (3 months ago)
  • Ars Technica
Secure Boot-neutering PKfail debacle is more prevalent than anyone knew

THIS IS NOT A TEST — Keys were marked "DO NOT TRUST." More devices than previously known used them anyway. Getty Images A supply chain failure that compromises Secure Boot protections on computing ... Read more

Published Date: Sep 16, 2024 (3 months ago)
  • Dark Reading
'Void Banshee' Exploits Second Microsoft Zero-Day

Source: Anucha Cheechang via ShutterstockMicrosoft has recategorized a bug that the company fixed in this month's Patch Tuesday update as a zero-day vulnerability, which the "Void Banshee" advanced pe ... Read more

Published Date: Sep 16, 2024 (3 months ago)
  • Dark Reading
Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised

Source: NicoElNino via Alamy Stock PhotoJust days after Ivanti released an advisory regarding a high-severity vulnerability in its Cloud Service Appliance (CSA), the company is alerting customers that ... Read more

Published Date: Sep 16, 2024 (3 months ago)
  • BleepingComputer
CISA warns of Windows flaw used in infostealer malware attacks

​CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the Void Banshee APT hacking group. The vulnerability (CVE- ... Read more

Published Date: Sep 16, 2024 (3 months ago)
  • BleepingComputer
Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ... Read more

Published Date: Sep 16, 2024 (3 months ago)
  • BleepingComputer
D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers

D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the devices using hardcoded credentials. The impacted ... Read more

Published Date: Sep 16, 2024 (3 months ago)
  • TheCyberThrone
Spring Framework Vulnerability CVE-2024-38816 fixed

A high severity vulnerability has been discovered in the Spring Framework, that allows attackers to gain unauthorized access to sensitive files on the server, posing a significant risk of data breache ... Read more

Published Date: Sep 16, 2024 (3 months ago)

Filters

Showing 10 of 2628 Results
© cvefeed.io
Latest DB Update: Dec. 23, 2024 7:32