CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-53552 (CVSS 9.8): CrushFTP Flaw Exposes Users to Account Takeover
CrushFTP, a popular file transfer server known for its robust features and user-friendly interface, has issued an urgent security advisory regarding a critical vulnerability that could lead to account ... Read more
-
Cybersecurity News
PoC Exploit Emerges for Adobe ColdFusion CVE-2024-53961—Apply Security Updates Now
Adobe has released urgent security updates to address a critical vulnerability in ColdFusion versions 2023 and 2021. This vulnerability, identified as CVE-2024-53961, could allow attackers to read arb ... Read more
-
Cybersecurity News
WikiKit Phishing Kit Targets Major Industries with Evasive Techniques
TRAC Labs recently unveiled a new phishing kit, named WikiKit, which is targeting industries across automotive, manufacturing, medical, and more. This sophisticated attack employs unique techniques to ... Read more
-
Cybersecurity News
CVE-2021-44207: Vulnerability in Acclaim USAHERDS Actively Exploited, CISA Warns
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has raised the alarm on a critical security flaw impacting the Acclaim USAHERDS web application. This vulnerability, officially tracked ... Read more
-
Cybersecurity News
Cybercriminals Exploit Cracked Acunetix Scanner for Malicious Attacks
Cybercriminals are increasingly weaponizing cracked versions of legitimate vulnerability scanning tools, like the Araneida Scanner, for malicious activities, according to Silent Push Threat Analysts. ... Read more
-
BleepingComputer
Adobe warns of critical ColdFusion bug with PoC exploit code
Adobe has released out-of-band security updates to address a critical ColdFusion vulnerability with proof-of-concept (PoC) exploit code. In an advisory released on Monday, the company says the flaw (t ... Read more
-
BleepingComputer
Premium WPLMS WordPress plugins address seven critical flaws
Two WordPress plugins required by the premium WordPress WPLMS theme, which has over 28,000 sales, are vulnerable to more than a dozen critical severity vulnerabilities. The bugs could enable a remote, ... Read more
-
TheCyberThrone
CISA adds Acclaim Flaw CVE-2021-44207 to KEV Catalog
The US CISA has added new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitationCVE-2021-44207: Acclaim Systems USAHERDS Use of Hard-Coded Credentials V ... Read more
-
security.nl
Kritiek lek in Apache Tomcat maakt remote code execution mogelijk
Een kritieke kwetsbaarheid in Apache Tomcat maakt remote code execution mogelijk. De Apache Foundation kwam vorige week met een beveiligingsupdate, maar die bleek het probleem niet volledig te verhelp ... Read more
-
TheCyberThrone
Zeroday Vulnerabilities Prevailed in 2024 Analysis-Part I
What is a Zero-Day Vulnerability?A zero-day vulnerability is a security flaw in software or hardware that is unknown to the vendor or developers. The term “zero-day” signifies that the developers have ... Read more