CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Zyxel won’t patch newly exploited flaws in end-of-life routers
Zyxel has issued a security advisory about actively exploited flaws in CPE Series devices, warning that it has no plans to issue fixing patches and urging users to move to actively supported models. V ... Read more
-
Kaspersky
The biggest supply chain attacks in 2024 | Kaspersky official blog
A supply-chain attack can totally thwart all a targeted company’s efforts to protect its infrastructure. Preventing such attacks is extremely difficult because a significant portion of an attack occur ... Read more
-
security.nl
'Kwetsbaarheid in 7-Zip sinds september actief misbruikt bij aanvallen'
Een kwetsbaarheid in de populaire archiveringssoftware 7-Zip is sinds vorig jaar september actief misbruikt bij aanvallen, toen er nog geen beveiligingsupdate beschikbaar was om het probleem te verhel ... Read more
-
BleepingComputer
7-Zip MotW bypass exploited in zero-day attacks against Ukraine
A 7-Zip vulnerability allowing attackers to bypass the Mark of the Web (MotW) Windows security feature was exploited by Russian hackers as a zero-day since September 2024. According to Trend Micro res ... Read more
-
0patch.com
Micropatches Released for Windows Task Scheduler Elevation of Privilege Vulnerability (CVE-2024-49039)
November 2024 Windows updates brought a fix for CVE-2024-49039, a local privilege escalation issue allowing low-integrity code running on the computer to execute arbitrary medium-integrity code as the ... Read more
-
Help Net Security
Russian cybercrooks exploiting 7-Zip zero-day vulnerability (CVE-2025-0411)
CVE-2025-0411, a Mark-of-the-Web bypass vulnerability in the open-source archiver tool 7-Zip that was fixed in November 2024, has been exploited in zero-day attacks to deliver malware to Ukrainian ent ... Read more
-
The Hacker News
Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections
Vulnerability / Cyber Espionage A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: ... Read more
-
cert.pl
Vulnerability in authentik software
CVE ID CVE-2024-11623 Publication date 04 February 2025 Vendor goauthentik Product authentik Vulnerable versions All before 2024.10.4 Vulnerability type (CWE) Improper Neutralization of Input During W ... Read more
-
tripwire.com
Tripwire Patch Priority Index for January 2025
Tripwire's January 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the list are patches for the Microsoft office platform, including Word, Access, Visi ... Read more
-
security.nl
Google waarschuwt voor actief misbruikt usb-beveiligingslek in Android
Google waarschuwt eigenaren van een Androidtelefoon voor een actief misbruikte kwetsbaarheid in de kernel van het besturingssysteem die via usb is te misbruiken. Updates zijn nu uitgebracht, maar Goog ... Read more