CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Kritiek beveiligingslek in Microsoft Accounts kon aanvaller meer rechten geven
Microsoft heeft een kritieke kwetsbaarheid in Microsoft Accounts verholpen waardoor een ongeautoriseerde aanvaller 'over een netwerk' zijn rechten kon verhogen. Via een Microsoft Account kan er toegan ... Read more
-
The Hacker News
Unpatched PHP Voyager Flaws Leave Servers Open to One-Click RCE Exploits
Web Security / Vulnerability Three security flaws have been disclosed in the open-source PHP package Voyager that could be exploited by an attacker to achieve one-click remote code execution on affect ... Read more
-
The Hacker News
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
Vulnerability / IoT Security A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into ... Read more
-
Help Net Security
89% of AI-powered APIs rely on insecure authentication mechanisms
APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings, what is clear is that API ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
The Register
Wacom says crooks probably swiped customer credit cards from its online checkout
Graphics tablet maker Wacom has warned customers their credit card details may well have been stolen by miscreants while they were buying stuff from its website. We're told people's payment informatio ... Read more
-
TheCyberThrone
CISA adds Apple vulnerability CVE-2025-24085 to KEV Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2025-24085 Apple Multiple Products Use-After-Free VulnerabilityCVE-202 ... Read more
-
seclists.org
Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449
Full Disclosure mailing list archives From: Shaikh Shahnawaz <sshahnawaz99910 () gmail com> Date: Tue, 28 Jan 2025 13:43:53 +0400 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defens ... Read more
-
BleepingComputer
New Aquabotv3 botnet malware targets Mitel command injection flaw
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. The activity was discovered by Akam ... Read more