CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Perplexity Eyes Chrome as DOJ Pressures Google Over Antitrust
In addition to OpenAI expressing interest in acquiring Google’s Chrome browser business, Perplexity.ai has also signaled its intent to pursue such a deal. During testimony in the U.S. Department of Ju ...
-
Daily CyberSecurity
CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper Bypass, PoC Releases
A newly disclosed vulnerability in Apple’s proprietary libAppleArchive library, tracked as CVE-2024-27876, enables attackers to achieve arbitrary file writes on macOS and iOS systems, with the added p ...
-
Daily CyberSecurity
ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware
Image: Cisco Talos Cisco Talos’ 2023 incident response report unveils the operations of “ToyMaker,” a financially motivated Initial Access Broker (IAB) whose behind-the-scenes activity opened the floo ...
-
Dark Reading
Max-Severity Commvault Bug Alarms Researchers
Source: T. Schneider via ShutterstockSecurity researchers have raised concerns about a maximum severity bug in certain versions of Commvault's Command Center that enables an unauthenticated remote att ...
-
The Register
Microsoft mystery folder fix might need a fix of its own
Turns out Microsoft's latest patch job might need a patch of its own, again. This time, the culprit is a mysterious inetpub folder quietly deployed by Redmond, now hijacked by a security researcher to ...
-
Cyber Security News
New Stego Campaign Leverages MS Office Vulnerability to Deliver AsyncRAT
Cybersecurity researchers have discovered a sophisticated malware campaign that employs steganography techniques to hide malicious code within seemingly innocent image files. This attack chain leverag ...
-
Cyber Security News
NVIDIA NeMo Framework Vulnerability Let Attackers Execute Remote Code
There are three high-severity vulnerabilities in the NVIDIA NeMo Framework that could allow attackers to execute remote code, potentially compromising AI systems and leading to data tampering. The sec ...
-
Cyber Security News
Hackers Exploited Ivanti Connect Secure 0-Day to Install DslogdRAT & Web Shell
Recent attacks against Japanese organizations have revealed sophisticated hackers exploiting a zero-day vulnerability in Ivanti Connect Secure VPN appliances. The attacks, occurring around December 20 ...
-
Cyber Security News
Citrix NetScaler Console Vulnerability Enables Admin Access – PoC Released
A critical vulnerability in Citrix NetScaler Console allows complete unauthenticated administrative access despite being initially classified as merely a “sensitive information disclosure” issue. The ...
-
Cyber Security News
Zyxel RCE Vulnerability Allows Arbitrary Query Execution Without any Authentication
A critical vulnerability in Zyxel’s FLEX-H Series devices that enables attackers to execute arbitrary database queries and gain remote code execution capabilities without requiring authentication. The ...