CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Fully patched Cleo products under renewed 'zero-day-ish' mass attack
Researchers at security shop Huntress are seeing mass exploitation of a vulnerability affecting three Cleo file management products, even on patched systems. Cleo issued patches for CVE-2024-50623, an ... Read more
-
Help Net Security
Attackers actively exploiting flaw(s) in Cleo file transfer software (CVE-2024-50623)
Attackers are exploiting a vulnerability (CVE-2024-50623) in file transfer software by Cleo – LexiCo, VLTransfer, and Harmony – to gain access to organizations’ systems, Huntress researchers warned on ... Read more
-
security.nl
Grootschalig misbruik van kritiek lek in Cleo file transfer software gemeld
dinsdag 10 december 2024, 13:44 door Redactie, 2 reactiesLaatst bijgewerkt: 10-12-2024, 15:31 Aanvallers maken op grote schaal misbruik van een kritieke kwetsbaarheid in de file transfer software van ... Read more
-
TheCyberThrone
WordPress WPForms flaw CVE-2024-11205
A critical vulnerability has been discovered in WordPress plugin WPForms. The flaw allows authenticated attackers with subscriber-level privileges or higher to execute unauthorized refunds of Stripe p ... Read more
-
The Cyber Express
Is Your QNAP NAS Secure? Critical Patches Released for Major Vulnerabilities
QNAP NAS systems, widely regarded for their reliability in personal and enterprise data storage, have recently come under scrutiny due to multiple critical vulnerabilities. These QNAP NAS vulnerabilit ... Read more
-
The Cyber Express
CVE-2024-11205: WPForms Plugin Vulnerability Exposes 6 Million WordPress Sites to Financial Risk
A critical vulnerability, identified as CVE-2024-11205, was discovered in the WPForms plugin, a popular WordPress form builder used by over 6 million active websites. This vulnerability, which has bee ... Read more
-
Cybersecurity News
CVE-2024-47578 (CVSS 9.1): SAP Issues Critical Patch for NetWeaver AS for JAVA
SAP’s latest Security Patch Day, released today, detailed 10 new Security Notes alongside updates to three previously released notes. Among the newly disclosed vulnerabilities, multiple critical and h ... Read more
-
Cybersecurity News
CVE-2024-50623: Critical Vulnerability in Cleo Software Actively Exploited in the Wild
Huntress Labs has raised the alarm over the active exploitation of a critical vulnerability (CVE-2024-50623) in Cleo’s Harmony, VLTrader, and LexiCom software, commonly used for managing file transfer ... Read more
-
Cybersecurity News
CVE-2024-54143: Critical Vulnerability in OpenWrt’s Attended SysUpgrade Server Allows for Firmware Poisoning
OpenWrt, a popular open-source operating system for embedded devices, has disclosed a critical vulnerability (CVE-2024-54143) that could allow attackers to compromise the integrity of firmware updates ... Read more
-
Cybersecurity News
CVE-2024-11205: WPForms Plugin Vulnerability Impacts 6 Million WordPress Sites
A critical vulnerability (CVE-2024-11205) discovered in WPForms, a prevalent WordPress form builder plugin with over 6 million active installations, exposed websites to significant financial risk. The ... Read more