CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Patched But Still Vulnerable: Windows BitLocker Encryption Bypassed Again
A revelation emerged from the Chaos Communication Congress (CCC) last week, shaking the foundations of Windows’ trusted BitLocker encryption. Security researcher Thomas Lambertz, in his presentation “ ... Read more
-
Cybersecurity News
CVE-2024-12912 & CVE-2024-13062: ASUS Routers at Risk
ASUS has issued a security advisory warning users of critical vulnerabilities affecting several router models. Two flaws, tracked as CVE-2024-12912 and CVE-2024-13062, could allow attackers to execute ... Read more
-
Dark Reading
Unpatched Active Directory Flaw Can Crash Any Microsoft Server
Source: Andriy Popov via Alamy Stock PhotoOne of two critical Active Directory Domain Controller vulnerabilities patched by Microsoft last month goes beyond the original denial-of-service (DoS) attack ... Read more
-
InfoSec Write-ups
HTB | Sea — CVE-2023–41425
This is a Linux box. You can find it here.You can watch the video walkthrough hereSkill LearnedCVE-2023–41425Port ForwardingUnauthenticated Information leak & command InjectionNMAPIP:10.10.11.28nmap - ... Read more
-
TheCyberThrone
CVE-2024-12108: Progress WhatsUp Gold Vulnerability
CVE-2024-12108 with a CVSS score of 9.6 is a critical security vulnerability affecting WhatsUp Gold, a network monitoring software developed by Progress Software Corporation.Affected VersionsThe vulne ... Read more
-
TheCyberThrone
CVE-2024-49112 POC Code Released
The CVE-2024-49112 vulnerability, identified as LDAPNightmare, has seen the release of a Proof-of-Concept (PoC) code by SafeBreach Labs. This particular security flaw is critical as it affects the Win ... Read more
-
cert.pl
Vulnerability in Kentico CMS software
CVE ID CVE-2024-12907 Publication date 02 January 2025 Vendor Kentico Product Kentico CMS Vulnerable versions 7 Vulnerability type (CWE) Improper Neutralization of Input During Web Page Generation (XS ... Read more
-
Cybersecurity News
Starlink V3 Satellites Promise Blazing Fast Internet Speeds
Starlink recently announced on its official X account that it will soon launch the V3 satellites, which are expected to significantly enhance its satellite internet service by increasing bandwidth and ... Read more
-
cert.pl
Vulnerabilities in CTFd software
CVE ID CVE-2024-11716 Publication date 02 January 2025 Vendor CTFd Product CTFd Vulnerable versions From 3.7.0 through 3.7.4 Vulnerability type (CWE) Improper Enforcement of a Single, Unique Action (C ... Read more
-
The Cyber Express
CERT-In Alerts WordPress Users to Critical WPForms Plugin Vulnerability
As the world welcomed the New Year, cybersecurity experts had little reason to celebrate. On January 1, 2025, the Indian Computer Emergency Response Team (CERT-In) issued a high-severity alert about a ... Read more