CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449
Full Disclosure mailing list archives From: Shaikh Shahnawaz <sshahnawaz99910 () gmail com> Date: Tue, 28 Jan 2025 13:43:53 +0400 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defens ... Read more
-
BleepingComputer
New Aquabotv3 botnet malware targets Mitel command injection flaw
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. The activity was discovered by Akam ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
Dark Reading
PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next?
Source: Mashka via ShutterstockThe 2021 PrintNightmare vulnerability exposed multiple deep-rooted security flaws in Microsoft's Print Spooler service, a core Windows component. The flaws, which had pe ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
Dark Reading
Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers
Source: Timon Schneider via Alamy Stock PhotoNEWS BRIEFA command-injection vulnerability in Zyxel CPE Series devices is being targeted by threat actors, and there's no patch available.The bug, tracked ... Read more
-
BleepingComputer
Laravel admin package Voyager vulnerable to one-click RCE flaw
Three vulnerabilities discovered in the open-source PHP package Voyager for managing Laravel applications could be used for remote code execution attacks. The issues remain unfixed and can be exploite ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
Dark Reading
Mirai Variant ‘Aquabot’ Exploits Mitel Device Flaws
Source: Kirill Ivanov via Alamy Stock PhotoYet another Mirai botnet variant is making the rounds, this time offering distributed denial-of-service (DDoS) as-a-service by exploiting flaws in Mitel SIP ... Read more
-
security.nl
'Zyxel CPE-apparaten bevatten actief misbruikt beveiligingslek'
Vijftienhonderd Zyxel CPE (customer-provided equipment) apparaten die vanaf het internet toegankelijk bevatten een actief misbruikt beveiligingslek en een update is niet beschikbaar. Dat laat security ... Read more