CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
Network Security / IoT Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidenc ... Read more
-
seclists.org
[KIS-2024-07] GFI Kerio Control <= 9.4.5 Multiple HTTP Response Splitting Vulnerabilities
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Mon, 16 Dec 2024 19:27:17 +0100 --------------------------------------------------------------------------- GFI ... Read more
-
TheCyberThrone
Clop ransomware exploits Cleo Vulnerability in its attacks
The Clop ransomware gang has recently claimed responsibility for a series of sophisticated data theft attacks targeting Cleo, a prominent provider of managed file transfer software. These attacks expl ... Read more
-
Cybersecurity News
CVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover
Microsoft has disclosed a critical Remote Code Execution (RCE) vulnerability in its Lightweight Directory Access Protocol (LDAP) service, tracked as CVE-2024-49112. Released as part of the company’s D ... Read more
-
Cybersecurity News
Hackers exploit critical Apache Struts RCE flaw (CVE-2024-53677) after PoC exploit release
Threat actors have begun exploiting a critical vulnerability in the Apache Struts framework, CVE-2024-53677, just days after a proof-of-concept (PoC) exploit was published online. Rated 9.5 on the CVS ... Read more
-
Cybersecurity News
CVE-2024-55661: RCE Vulnerability Discovered in Laravel Pulse Monitoring Tool
A serious security flaw has been discovered in Laravel Pulse, a popular real-time application performance monitoring and dashboard tool for Laravel applications. Tracked as CVE-2024-55661, this vulner ... Read more
-
Cybersecurity News
Critical Windows and Adobe ColdFusion Vulnerabilities Actively Exploited in the Wild, PoC Exploit Published
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two critical vulnerabilities being actively exploited by malicious actors. These flaws, impacting bo ... Read more
-
Cybersecurity News
CVE-2024-55875 (CVSS 9.8): Critical XXE Vulnerability Found in http4k Toolkit
A critical XML External Entity (XXE) Injection vulnerability, identified as CVE-2024-55875, has been discovered in the http4k toolkit, a lightweight HTTP framework written in Kotlin. With a CVSS score ... Read more
-
Cybersecurity News
Voice Phishing on Microsoft Teams Facilitates DarkGate Malware Attack
Trend Micro has revealed a new vector for cyberattacks: voice phishing (vishing) conducted via Microsoft Teams. This tactic was recently employed to distribute DarkGate malware, a sophisticated threat ... Read more
-
The Register
Ransomware scum blow holes in Cleo software patches, Cl0p (sort of) claims responsibility
Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-li ... Read more