CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
SEC Consult SA-20241125-0 :: Unlocked JTAG interface and buffer overflow in Siemens SM-2558 Protocol Element, Siemens CP-2016 & CP-2019
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 25 Nov 2024 08:32:17 +0000 SEC Consult Vulnerability Lab Securi ... Read more
-
seclists.org
Re: Local Privilege Escalations in needrestart
Qualys Security Advisory LPEs in needrestart (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003) ====================================================================== ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor
SUMMARY RomCom Exploits Double Zero-Day: RomCom, a Russia-linked group used previously unknown vulnerabilities in Firefox and Windows in a sophisticated attack campaign. Attack Chain: Visiting a malic ... Read more
-
The Hacker News
Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers
Vulnerability / Software Security A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings f ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
AmberWolf Launches NachoVPN Tool to Tackle VPN Security Risks
Researchers reveal major vulnerabilities in popular corporate VPN clients, allowing remote attacks. Discover the NachoVPN tool and expert advisories to mitigate these critical security risks. In a rec ... Read more
-
Dark Reading
Russian Script Kiddie Assembles Massive DDoS Botnet
Source: Kundra via ShutterstockA Russian script kiddie using little more than publicly available malware tools and exploits targeting weak credentials and configurations has assembled a distributed de ... Read more
-
TheCyberThrone
QNAP fixes Vulnerabilities in QuRouter and Note Station 3
QNAP has addressed multiple vulnerabilities in several NAS devices include Photo Station, AI Core, QuLog Center, Media Streaming Add-on, QTS and QuTS hero.The two command injection vulnerabilities in ... Read more
-
TheCyberThrone
Gitlab fixes multiple vulnerabilities including CVE-2024-8114
GitLab has released patches to address multiple vulnerabilities affecting its Community Edition (CE) and Enterprise Edition (EE) products. Versions 17.6.1, 17.5.3, and 17.4.5 could allow privilege esc ... Read more
-
The Hacker News
APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor
Malware / Cyber Espionage The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlac ... Read more
-
The Cyber Express
Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled
A Russia-aligned hacking group, known as RomCom (also identified as Storm-0978, Tropical Scorpius, or UNC2596), has successfully exploited two zero-day vulnerabilities—one in Mozilla Firefox and anoth ... Read more