CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Zeroday Vulnerabilities Prevailed in 2024 Analysis-Part I
What is a Zero-Day Vulnerability?A zero-day vulnerability is a security flaw in software or hardware that is unknown to the vendor or developers. The term “zero-day” signifies that the developers have ... Read more
-
BleepingComputer
Apache fixes remote code execution bypass in Tomcat web server
Apache has released a security update that addresses an important vulnerability in Tomcat web server that could lead to an attacker achieving remote code execution. Apache Tomcat is an open-source web ... Read more
-
The Hacker News
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
Cybersecurity / Weekly Recap The online world never takes a break, and this week shows why. From ransomware creators being caught to hackers backed by governments trying new tricks, the message is cle ... Read more
-
Kaspersky
Cloud Atlas seen using a new tool in its attacks
Introduction Known since 2014, Cloud Atlas targets Eastern Europe and Central Asia. We’re shedding light on a previously undocumented toolset, which the group used heavily in 2024. Victims get infecte ... Read more
-
The Register
UK ICO not happy with Google's plans to allow device fingerprinting
in brief Google has announced plans to allow its business customers to begin "fingerprinting" users next year, and the UK Information Commissioner's Office (ICO) isn't happy about it. Fingerprinting i ... Read more
-
The Hacker News
U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case
Spyware / Mobile Security Meta Platforms-owned WhatsApp scored a major legal victory in its fight against Israeli commercial spyware vendor NSO Group after a federal judge in the U.S. state of Califor ... Read more
-
TheCyberThrone
BeyondTrust SaaS Breach Comprehensive Breakdown
Incident DiscoveryOn December 2, 2024, BeyondTrust identified a significant security breach during a forensics investigation. This discovery set off a series of urgent actions to mitigate the impact a ... Read more
-
Cybersecurity News
CVE-2024-56337: Apache Tomcat Patches Critical RCE Vulnerability
The Apache Software Foundation recently released a critical security update to address a remote code execution (RCE) vulnerability in Apache Tomcat, identified as CVE-2024-56337. This vulnerability af ... Read more
-
Cybersecurity News
CVE-2024-56145 (CVSS 9.3): Remote Code Execution Vulnerability in Craft CMS, PoC Published
Security researchers at Assetnote have disclosed a critical vulnerability (CVE-2024-56145) in Craft CMS, a widely-used PHP-based content management system. This flaw, assigned a CVSS score of 9.3, ena ... Read more
-
Cybersecurity News
DigiEver DVR Vulnerability Under Attack by Hail Cock Botnet
Akamai Security Intelligence Research Team (SIRT) has uncovered a vulnerability in DigiEver DS-2105 Pro DVRs is being actively exploited by the Hail Cock botnet, a Mirai variant enhanced with modern e ... Read more