CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
Today is Microsoft's January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks.This Patch Tuesday al ... Read more
-
Zero Day Initiative
The January 2025 Security Update Review
CVE Title Severity CVSS Public Exploited Type CVE-2025-21333 Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability Important 7.8 No Yes EoP CVE-2025-21334 Windows Hyper-V NT K ... Read more
-
Help Net Security
Fortinet fixes FortiOS zero-day exploited by attackers for months (CVE-2024-55591)
Fortinet has patched an authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS firewalls and FortiProxy web gateways that has been exploited as a zero-day by attackers to compromis ... Read more
-
The Hacker News
Microsoft Uncovers macOS Vulnerability CVE-2024-44243 Allowing Rootkit Installation
Endpoint Security / Vulnerability Microsoft has shed light on a now-patched security flaw impacting Apple macOS that, if successfully exploited, could have allowed an attacker running as "root" to byp ... Read more
-
security.nl
Fortinet waarschuwt voor actief misbruikt lek in FortiOS en FortiProxy
Fortinet waarschuwt organisaties voor een actief misbruikte kwetsbaarheid in FortiOS en FortiProxy waardoor aanvallers kwetsbare apparaten op afstand kunnen overnemen. Fortinet heeft updates uitgebrac ... Read more
-
BleepingComputer
Fortinet warns of auth bypass zero-day exploited to hijack firewalls
Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. This security flaw (tracked as CVE-20 ... Read more
-
Cybersecurity News
Active Exploitation of CVE-2024-55591 (CVSS 9.6): FortiOS and FortiProxy Under Threat
A critical vulnerability identified as CVE-2024-55591 (CVSS 9.6) is actively being exploited in the wild, posing a severe risk to Fortinet’s FortiOS and FortiProxy products. This authentication bypass ... Read more
-
security.nl
SAP waarschuwt voor twee kritieke kwetsbaarheden in NetWeaver
Het Duitse softwarebedrijf SAP waarschuwt klanten voor twee kritieke kwetsbaarheden in NetWeaver waardoor een aanvaller toegang tot systemen en afgeschermde informatie kan krijgen. Er zijn beveiliging ... Read more
-
TheCyberThrone
CVE-2024-12398 impacts Zyxel Devices
CVE-2024-12398 is a critical vulnerability discovered in the web management interface of certain Zyxel devices. This vulnerability allows an authenticated user with limited privileges to escalate thei ... Read more
-
0patch.com
Micropatches Released for Windows "LDAPNightmare" Denial of Service Vulnerability (CVE-2024-49113)
December 2024 Windows Updates brought a patch for CVE-2024-49113 a.k.a. "LDAPNightmare", a denial of service vulnerability in Windows LDAP client code. The vulnerability allows an attacker to crash th ... Read more