CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Earth Kasha Expands Operations: New LODEINFO Malware Hits Government and High-Tech
An overview of relationships of Earth Kasha | Image: Trend MicroIn a detailed report by Trend Micro, the emergence of a new LODEINFO malware campaign has been linked to Earth Kasha, a threat group ope ... Read more
-
Cybersecurity News
2024 CWE Top 25: Critical Software Weaknesses Revealed
The Common Weakness Enumeration (CWE) Top 25 list for 2024 has been released, and it provides a critical roadmap for addressing the most pervasive and hazardous vulnerabilities that plague modern soft ... Read more
-
Cybersecurity News
WorkflowKit Race Vulnerability (CVE-2024-27821): Researcher Reveals Exploit that Let Malicious Apps Hijack Shortcuts
Security researcher Snoolie K has published an in-depth analysis of a significant security flaw in WorkflowKit, which has been assigned CVE-2024-27821. This vulnerability, dubbed the “WorkflowKit Race ... Read more
-
Cybersecurity News
FrostyGoop: New ICS Malware Exploits Modbus TCP Protocol
Recently, Palo Alto Networks has released an in-depth analysis of FrostyGoop, also known as BUSTLEBERM, a sophisticated malware targeting operational technology (OT). This malware gained attention in ... Read more
-
Cybersecurity News
New Attack Vector: Misconfigured Jupyter Servers Targeted for Illegal Streaming
Aqua Nautilus security researchers have uncovered a novel attack vector where threat actors exploit misconfigured servers, particularly JupyterLab and Jupyter Notebook environments, to hijack computin ... Read more
-
Cybersecurity News
Critical Vulnerability in D-Link EOL Routers Allows Remote Code Execution
D-Link has issued a security announcement concerning several End-of-Life (EOL) and End-of-Service (EOS) router models, including the DSR-150, DSR-150N, DSR-250, and DSR-250N. The advisory highlights a ... Read more
-
huntress.com
You Can Run, But You Can’t Hide: Defender Exclusions | Huntress
The endpoint team at Huntress is focused on providing telemetry and protections around real adversary threats. One thing we've noticed that's often overlooked is adversaries leveraging Microsoft Defen ... Read more
-
TheCyberThrone
CISA adds VMware twin flaws to KEV Catalog
The US CISA has added VMware vulnerabilities to its Known Exploited Vulnerability Catalog based on the evidence of active exploitation. A detailed write-up about these vulnerabilities has been already ... Read more
-
BleepingComputer
Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04. The flaws were disc ... Read more
-
TheCyberThrone
Apple addressed twin flaws with an emergency patch release
Apple has released security patches to address vulnerabilities in its products that are being actively exploited by cybercriminalsThe first vulnerability tracked as CVE-2024-44308 stems in the JavaScr ... Read more