CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Google Chrome Patches High-Severity Vulnerabilities – CVE-2024-12381 & CVE-2024-12382
Google has announced its Chrome browser’s latest stable channel update, addressing several security vulnerabilities, including two classified as “High” severity. The update, rolling out progressively ... Read more
-
TheCyberThrone
Microsoft Patch Tuesday December 2024
Microsoft addresses 70 CVEs with 16 rated critical, including one zero-day that was exploited in the wild as part of this month patch Tuesday.The number of bugs in each vulnerability category is liste ... Read more
-
The Cyber Express
Head Mare Targets Russian Orgs with Hidden LNK Files, Ransomware
Cyble researchers have detected a new campaign targeting Russia by the hacktivist group Head Mare that uses a disguised LNK file to hide an executable. The campaign is also noteworthy for its ability ... Read more
-
huntress.com
Cleo Malichus Malware Analysis CVE-2024-55956| Huntress
Summary - CVE-2024-55956Huntress previously reported on malicious activity from the exploitation of a 0-day vulnerability in Cleo software. The malware being delivered through this exploitation has no ... Read more
-
Dark Reading
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday
Source: Zoonar GmbH via Alamy Stock PhotoA Windows zero-day security vulnerability under active exploit leads Microsoft's December 2024 Patch Tuesday security update, which hardly constitutes a sleigh ... Read more
-
Dark Reading
'Termite' Ransomware Likely Behind Cleo Zero-Day Attacks
Source: znakki via ShutteratockRansomware group "Termite" — which recently claimed supply chain vendor Blue Yonder as a victim — may be behind widespread exploit activity targeting a previously fixed ... Read more
-
Help Net Security
Microsoft fixes exploited zero-day (CVE-2024-49138)
On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code ... Read more
-
The Register
Microsoft holds last Patch Tuesday of the year with 72 gifts for admins
Patch Tuesday Microsoft hasn't added too much coal to the stocking this Patch Tuesday, with just 72 fixes, only one of which scored more than nine on the CVSS threat ranking scale. Of more immediate c ... Read more
-
tripwire.com
VERT Threat Alert: December 2024 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s December 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1136 as soon as coverage is completed.I ... Read more
-
BleepingComputer
WPForms bug allows Stripe refunds on millions of WordPress sites
A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. Tracked under CVE-2024-112 ... Read more