CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
APPLE-SA-12-11-2024-1 iOS 18.2 and iPadOS 18.2
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 11 Dec 2024 16:32:37 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ... Read more
-
seclists.org
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 11 Dec 2024 11:39:55 +0000 SEC Consult Vulnerability Lab Securi ... Read more
-
seclists.org
St. Poelten UAS | Multiple Vulnerabilities in ORing IAP
Full Disclosure mailing list archives St. Poelten UAS | Multiple Vulnerabilities in ORing IAP From: Thomas Weber | CyberDanube via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 10 Dec 202 ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
US Sanctions Chinese Cybersecurity Firm for Firewall Exploit, Ransomware Attacks
SUMMARY Sanctions on Chinese Firm: The US sanctioned Sichuan Silence Information Technology and employee Guan Tianfeng for exploiting a firewall vulnerability in a major global cyberattack. Global Imp ... Read more
-
BleepingComputer
Cleo patches critical zero-day exploited in data theft attacks
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. In October, the company patched a pre-auth remote co ... Read more
-
Help Net Security
Cleo patches zero-day exploited by ransomware gang
Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. ... Read more
-
TheCyberThrone
Splunk addresses CVE-2024-53247 in Secure Gateway
A critical vulnerability identified has been discovered in the Splunk Secure Gateway app, affecting various versions of Splunk Enterprise and the Splunk Cloud Platform.The vulnerability tracked as CVE ... Read more
-
The Register
Apache issues patches for critical Struts 2 RCE bug
We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE. According to the National ... Read more
-
The Hacker News
Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS
Vulnerability / Device Security Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and ... Read more
-
The Hacker News
WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins
Website Security / Vulnerability Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a v ... Read more