CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Japan warns of IO-Data zero-day router flaws exploited in attacks
Japan's CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute commands, or even turn off the firewall. The vendor has ackno ... Read more
-
Help Net Security
How widespread is mercenary spyware? More than you think
A targeted hunt on 2,500 mobile devices for indicators of compromise associated with mercenary spyware has revealed that its use is not as rare as one would hope. The results of the hunt Earlier this ... Read more
-
security.nl
Lorex wifi-beveiligingscamera's via kritiek lek op afstand over te nemen
Verschillende modellen indoor wifi-beveiligingscamera's van fabrikant Lorex zijn via een kritieke kwetsbaarheid op afstand over te nemen. De fabrikant heeft firmware-updates uitgebracht om het problee ... Read more
-
TheCyberThrone
Google Patches CVE-2024-12053 in Chrome
Google has released patches for a high severity vulnerability in its popular Chrome web browser residing within the V8 JavaScript engine and allow attackers to execute arbitrary code on users’ system ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Cisco Urges Immediate Patch for Decade-Old WebVPN Vulnerability
SUMMARY: Critical Patch Alert: Cisco ASA users must urgently address a 10-year-old WebVPN vulnerability (CVE-2014-2120) that attackers are now actively exploiting. XSS Risk Identified: The flaw allows ... Read more
-
Help Net Security
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)
Researchers have published a proof-of-concept (PoC) exploit for CVE-2024-8785, a critical remote code execution vulnerability affecting Progress WhatsUp Gold, a popular network monitoring solution for ... Read more
-
cert.pl
Vulnerability in Infinix Mobile devices
CVE ID CVE-2024-10576 Publication date 04 December 2024 Vendor Infinix Mobile Product com.transsion.agingfunction Vulnerable versions 13 Vulnerability type (CWE) Improper Verification of Intent by Bro ... Read more
-
security.nl
VS meldt actief misbruik van path traversal-lek in Zyxel-firewalls
Aanvallers maken actief misbruik van een path traversal-lek in firewalls van fabrikant Zyxel, zo waarschuwt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie v ... Read more
-
tripwire.com
Tripwire Patch Priority Index for November 2024
Tripwire's November 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google Chromium.First on the list are patches for Microsoft Edge, Excel, and Word that r ... Read more
-
The Hacker News
Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library
Cybersecurity researchers are alerting to a software supply chain attack targeting the popular @solana/web3.js npm library that involved pushing two malicious versions capable of harvesting users' pri ... Read more