CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
CISA orders agencies to patch BeyondTrust bug exploited in attacks
CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the Binding ... Read more
-
Dark Reading
Cloud Attackers Exploit Max-Critical Aviatrix RCE Flaw
Source: Everett Collection Historical via Alamy Stock PhotoMultiple threat actors are actively targeting a recently disclosed maximum-severity security bug in the Aviatrix Controller centralized manag ... Read more
-
Help Net Security
UK domain registry Nominet breached via Ivanti zero-day
The number of internet-facing Ivanti Connect Secure instances vulnerable to attack via CVE-2025-0282 has fallen from 2,048 to 800 in the last four days, the Shadowserver Foundation shared today. In th ... Read more
-
Kaspersky
Trusted-relationship cyberattacks and their prevention
supply chain Attacks on companies via their suppliers and contractors are becoming increasingly widespread. How can you manage this risk? January 13, 2025 The old saying, “A chain is only as strong as ... Read more
-
BleepingComputer
Microsoft: macOS bug lets hackers install malicious kernel drivers
Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. System I ... Read more
-
BleepingComputer
Hackers exploit critical Aviatrix Controller RCE flaw in attacks
Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. The Aviatrix Control ... Read more
-
BleepingComputer
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. The comp ... Read more
-
The Hacker News
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
Vulnerability / Cloud Security A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoor ... Read more
-
security.nl
Britse registry Nominet aangevallen via beveiligingslek in Ivanti vpn-software
De Britse registry Nominet is aangevallen via een kwetsbaarheid in de vpn-software van Ivanti, zo heeft de organisatie die de .uk-domeinnamen beheert zelf bekendgemaakt. In een e-mail aan klanten laat ... Read more
-
The Hacker News
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
The cyber world’s been buzzing this week, and it’s all about staying ahead of the bad guys. From sneaky software bugs to advanced hacking tricks, the risks are real, but so are the ways to protect you ... Read more