CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not current ... Read more
-
The Register
Zero-day exploits plague Ivanti Connect Secure appliances for second year running
The cybersecurity industry is urging those in charge of defending their orgs to take mitigation efforts "seriously" as Ivanti battles two dangerous new vulnerabilities, one of which was already being ... Read more
-
security.nl
'Aanvallers maken actief misbruik van lek in GFI KerioControl firewall'
Aanvallers maken actief misbruik van een kwetsbaarheid in de GFI KerioControl firewall, zo meldt securitybedrijf Censys op basis van data van securitybedrijf GreyNoise. De CRLF-kwetsbaarheid maakt cro ... Read more
-
The Register
Security pros baited with fake Windows LDAP exploit traps
Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws. Trend Micro spotted what appears to be a fork of the legitima ... Read more
-
Help Net Security
Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)
The zero-day attacks leveraging the Ivanti Connect Secure (ICS) vulnerability (CVE-2025-0282) made public on Wednesday were first spotted in mid-December 2024, Mandiant researchers have shared. It’s s ... Read more
-
security.nl
Mandiant: Ivanti VPN-lek sinds halverwege december misbruikt bij aanvallen
Een kwetsbaarheid in Ivanti Connect Secure die het mogelijk maakt om vpn-servers op afstand over te nemen en waarvoor gisterenavond een beveiligingsupdate verscheen is sinds halverwege december misbru ... Read more
-
InfoSec Write-ups
SOC239 — Remote Code Execution Detected in Splunk Enterprise
In this writeup, I will investigate one of the alerts on Letsdefend, “SOC239 — Remote Code Execution Detected in Splunk Enterprise”This alert is about CVE-2023–46214. The vulnerability is caused by Sp ... Read more
-
“SOC227 — Microsoft SharePoint Server Elevation of Privilege — Possible CVE-2023–29357…
In this writeup, I will investigate one of the alerts on Letsdefend, “SOC227 — Microsoft SharePoint Server Elevation of Privilege — Possible CVE-2023–29357 Exploitation”.The CVE-2023–29357 vulnerabili ... Read more
-
SOC235 — Atlassian Confluence Broken Access Control 0-Day CVE-2023-22515
In this writeup, I will investigate one of the alerts on Letsdefend, “SOC235 — Atlassian Confluence Broken Access Control 0-Day CVE-2023–22515”The CVE-2023–22515 affects certain versions of Atlassian ... Read more
-
security.nl
Lek in firewall-migratietool Palo Alto Networks geeft toegang tot wachtwoorden
Kwetsbaarheden in de firewall-migratietool van Palo Alto Networks maken het mogelijk voor aanvallers om wachtwoorden en andere gevoelige data te stelen. Vorig jaar werden drie soortgelijke kwetsbaarhe ... Read more