CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Splunk addresses CVE-2024-53247 in Secure Gateway
A critical vulnerability identified has been discovered in the Splunk Secure Gateway app, affecting various versions of Splunk Enterprise and the Splunk Cloud Platform.The vulnerability tracked as CVE ... Read more
-
The Register
Apache issues patches for critical Struts 2 RCE bug
We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE. According to the National ... Read more
-
The Hacker News
Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS
Vulnerability / Device Security Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and ... Read more
-
The Hacker News
WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins
Website Security / Vulnerability Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a v ... Read more
-
security.nl
Beveiligingslek in macOS maakt remote code execution mogelijk
Een beveiligingslek in macOS maakt het voor een remote aanvaller mogelijk om code op systemen uit te voeren. Apple heeft beveiligingsupdates uitgebracht om het probleem te verhelpen. Apple kwam gister ... Read more
-
TheCyberThrone
Ivanti fixes critical vulnerabilities in CSA
Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities, tracked as CVE-2024-11639, CVE-2024-11772, and CVE ... Read more
-
Cybersecurity News
CVE-2024-53677 (CVSS 9.5): Critical Vulnerability in Apache Struts Allows Remote Code Execution
Developers using the popular Apache Struts framework are urged to update their systems immediately following the discovery of a critical security flaw (CVE-2024-53677, CVSS 9.5) that could allow attac ... Read more
-
Cybersecurity News
PoC Exploit Code Releases Cleo Zero-Day Vulnerability (CVE-2024-50623)
Organizations using Cleo file transfer software are urged to take immediate action as a critical vulnerability, CVE-2024-50623, is being actively exploited in the wild. This zero-day flaw affects Cleo ... Read more
-
Cybersecurity News
BadRAM Vulnerability (CVE-2024-21944): Researchers Uncover Security Flaw in AMD SEV
A collaborative research effort has exposed a significant vulnerability, designated CVE-2024-21944 and named “BadRAM,” that undermines the integrity of AMD’s Secure Encrypted Virtualization (SEV) tech ... Read more
-
Cybersecurity News
Zloader Trojan Employs Novel DNS Tunneling Protocol for Enhanced Evasion
Zloader, the modular Trojan with roots in the infamous Zeus malware, has once again evolved, presenting a new and sophisticated challenge to cybersecurity professionals. ThreatLabz, the security resea ... Read more