CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!
A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows unauthenticated attackers to take over any user account, including admins. Tracke ... Read more
-
security.nl
Digitale videorecorders TBK aangevallen door Mirai-botnet
Digitale videorecorders van fabrikant TBK zijn het doelwit van een variant van de Mirai-malware, die besmette apparaten onderdeel maakt van een botnet. Dat laat antivirusbedrijf Kaspersky in een analy ... Read more
-
The Register
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks sho ... Read more
-
CrowdStrike.com
How Falcon Next-Gen SIEM Protects Enterprises from VMware vCenter Attacks
Internet-facing assets are targeted for many reasons, such as to establish persistence, evade defensive capabilities, and access sensitive networks. According to the search engine Shodan, approximatel ... Read more
-
Cyber Security News
PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution
A new proof-of-concept (PoC) exploit for a critical zero-day vulnerability affecting multiple Fortinet products raises urgent concerns about the security of enterprise network infrastructure. The vuln ... Read more
-
Daily CyberSecurity
Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure
B. Braun Melsungen AG has issued a high-priority security advisory warning of three severe vulnerabilities affecting its OnlineSuite AP 3.0 and earlier, including one rated a maximum CVSS score of 10. ... Read more
-
Daily CyberSecurity
UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack
CERT Polska has sounded the alarm after uncovering a spear phishing campaign that targeted Polish organizations using a critical webmail vulnerability. The campaign is linked to the UNC1151 APT group, ... Read more
-
Daily CyberSecurity
Go Fixes Three Security Flaws: Update Your Apps Now!
The Go team has rolled out versions 1.24.4 and 1.23.10, addressing three critical security vulnerabilities affecting core packages such as net/http, os, and crypto/x509. While these are minor point re ... Read more
-
Daily CyberSecurity
FormBook Returns: Exploiting CVE-2017-0199 via Malicious Excel Attachments in New Phishing Campaign
Image: FortiGuard Labs FortiGuard Labs has uncovered a renewed phishing campaign that leverages the eight-year-old CVE-2017-0199 vulnerability to deploy FormBook, a notorious infostealer malware. The ... Read more
-
Daily CyberSecurity
EnigmaCyberSecurity: Brazil-Focused Banking Malware Campaign Uses RATs and Malicious Extensions
Attack chain using a browser extension | Image: Positive Technologies Positive Technologies has uncovered an ongoing, multi-stage cybercrime campaign—dubbed “EnigmaCyberSecurity”—primarily targeting B ... Read more