CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries
The China-linked threat actor known as Earth Estries has been observed using a previously undocumented backdoor called GHOSTSPIDER as part of its attacks targeting Southeast Asian telecommunications c ... Read more
-
security.nl
CISA meldt actief misbruik van kritiek lek in Array Networks ssl vpn gateways
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in de ssl vpn gateways van fabrikant Array Networks, zo meldt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerik ... Read more
-
Kaspersky
Analysis of Elpaco: a Mimic variant
Introduction In a recent incident response case, we dealt with a variant of the Mimic ransomware with some interesting customization features. The attackers were able to connect via RDP to the victim’ ... Read more
-
Help Net Security
RomCom hackers chained Firefox and Windows zero-days to deliver backdoor
Russia-aligned APT group RomCom was behind attacks that leveraged CVE-2024-9680, a remote code execution flaw in Firefox, and CVE-2024-49039, an elevation of privilege vulnerability in Windows Task Sc ... Read more
-
Kaspersky
Spoofing via CVE-2024-49040 | Kaspersky official blog
email The patch that fixes CVE-2024-49040 in Microsoft Exchange is temporarily unavailable. We’ve implemented heuristics that detect attempts to exploit it. November 26, 2024 Among the vulnerabilities ... Read more
-
Cybersecurity News
Keycloak Patches Multiple Vulnerabilities in Latest Update
Open-source identity and access management platform Keycloak has released important security updates to address multiple vulnerabilities, including risks of denial-of-service attacks, information disc ... Read more
-
security.nl
WordPress-sites kwetsbaar door kritiek beveiligingslek in Anti-Spam-plug-in
Meer dan honderdduizend WordPress-sites zijn kwetsbaar voor aanvallen door kritieke kwetsbaarheden in de plug-in 'Anti-Spam, FireWall by CleanTalk'. Via de kwetsbaarheden (CVE-2024-10542 en CVE-2024-1 ... Read more
-
security.nl
QNAP bestempelt meerdere kritieke kwetsbaarheden als belangrijk
QNAP heeft meerdere kwetsbaarheden die onder de CVSS-beoordeling als kritiek zijn aangemerkt zelf als 'belangrijk' bestempeld. De NAS- en routerfabrikant kwam dit weekend met beveiligingsupdates voor ... Read more
-
The Hacker News
CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks
Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure acces ... Read more
-
Cybersecurity News
Palo Alto Networks Warns of GlobalProtect App Flaw with Public Exploit Code (CVE-2024-5921)
Palo Alto Networks has issued a security advisory warning of a vulnerability in its GlobalProtect app that could allow attackers to install malicious software on endpoints.The vulnerability, identifie ... Read more