CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
Microsoft NTLM Zero-Day to Remain Unpatched Until April
Source: QINQIE99 via ShutterstockMicrosoft has released fresh guidance to organizations on how to mitigate NTLM relay attacks by default, days after researchers reported finding a NTLM hash disclosure ... Read more
-
BleepingComputer
OpenWrt Sysupgrade flaw let hackers push malicious firmware images
A flaw in OpenWrt's Attended Sysupgrade feature used to build custom, on-demand firmware images could have allowed for the distribution of malicious firmware packages. OpenWrt is a highly customizable ... Read more
-
Help Net Security
Update your OpenWrt router! Security issue made supply chain attack possible
A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distr ... Read more
-
The Register
OpenWrt orders router firmware updates after supply chain attack scare
OpenWrt users should upgrade their images to the same version to protect themselves from a possible supply chain attack reported to the open source Wi-Fi router project last week. Paul Spooren, develo ... Read more
-
The Hacker News
⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 - 8)
Cyber Threats / Weekly Recap This week's cyber world is like a big spy movie. Hackers are breaking into other hackers' setups, sneaky malware is hiding in popular software, and AI-powered scams are tr ... Read more
-
TheCyberThrone
Exploit Code Released for Microsoft CVE-2024-38193
A critical use-after-free vulnerability, tracked as CVE-2024-38193 with a CVSS score of 7.8, has been discovered in the afd.sys Windows driver that allows attackers to escalate privileges and execute ... Read more
-
security.nl
OpenWrt Sysupgrade Server kon door lek malafide images verspreiden
Een kwetsbaarheid in de OpenWrt Sysupgrade Server maakte het mogelijk om malafide images onder gebruikers te verspreiden die dan op hun router zou worden geïnstalleerd. Het beveiligingslek is inmiddel ... Read more
-
Kaspersky
Story of the Year: global IT outages and supply chain attacks
A faulty update by cybersecurity firm CrowdStrike triggered one of the largest IT outages in history, impacting approximately 8.5 million systems worldwide. This incident serves as a stark reminder of ... Read more
-
The Cyber Express
CERT-In Reports Security Flaw in Tinxy App: Upgrade Now to Stay Safe
The Indian Computer Emergency Response Team (CERT-In), the national nodal agency for responding to cybersecurity threats, has issued a vulnerability note (CIVN-2024-0355) highlighting an information d ... Read more
-
Cybersecurity News
CVE-2024-55579 & CVE-2024-55580: Qlik Sense Users Face Serious Security Risk
Qlik, a leading provider of business intelligence and data analytics platforms, has disclosed two vulnerabilities affecting Qlik Sense Enterprise for Windows. These vulnerabilities, identified as CVE- ... Read more