CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Analysis & PoC Exploits Released for Palo Alto Zero-Days – CVE-2024-0012 and CVE-2024-9474
Image: WatchtowrIn a recent analysis, security researcher Sonny from watchTowr unveiled the technical intricacies of two zero-day vulnerabilities affecting Palo Alto Networks’ Next-Generation Firewall ... Read more
-
Cybersecurity News
CVE-2024-21697: High Severity Flaw in Sourcetree Enables Remote Code Execution
Atlassian has issued a security advisory warning of a critical remote code execution (RCE) vulnerability in its popular Sourcetree software for Mac and Windows. Tracked as CVE-2024-21697 and scoring a ... Read more
-
Cybersecurity News
Google Chrome Patches High-Severity Flaw CVE-2024-11395 in Latest Stable Release
Google has released a new stable version of its Chrome browser for desktop, addressing three security vulnerabilities, including one high-severity flaw. The update, versions 131.0.6778.85/.86 for Wind ... Read more
-
Cybersecurity News
CVE-2024-21287: Critical Zero-Day Exploited in Oracle Agile PLM
Oracle has issued an urgent security alert regarding a critical vulnerability in its Agile Product Lifecycle Management (PLM) software, tracked as CVE-2024-21287. This flaw allows attackers to remotel ... Read more
-
Cybersecurity News
CVE-2024-47533 (CVSS 9.8): Cobbler Vulnerability Exposes Linux Servers to Compromise
CVE-2024-47533 exposes Cobbler servers to unauthorized access and control, enabling attackers to manipulate system configurations.A critical vulnerability has been discovered in Cobbler, a popular Lin ... Read more
-
Cybersecurity News
CVE-2024-42057: Exploited by Helldown Ransomware to Target Linux
Helldown ransom note from xml configuration | Image: SekoiaSekoia’s Threat Detection & Research (TDR) team uncovers a Linux variant of the Helldown ransomware, expanding the threat landscape.The Helld ... Read more
-
Cybersecurity News
Wget Vulnerability (CVE-2024-10524) Opens Door to SSRF Attacks
A newly discovered vulnerability in the popular Wget download utility could allow attackers to launch server-side request forgery (SSRF) attacks.Security researcher Goni Golan from JFrog has identifie ... Read more
-
Cybersecurity News
CVE-2024-47208 & CVE-2024-48962: Apache OFBiz Exposed to Remote Code Execution
The Apache Software Foundation has released important security updates to address two critical vulnerabilities in Apache OFBiz, a popular open-source suite of business applications. These vulnerabilit ... Read more
-
BleepingComputer
Apple fixes two zero-days used in attacks on Intel-based Macs
Apple released emergency security updates to fix two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems. "Apple is aware of a report that this issue may have been explo ... Read more
-
BleepingComputer
CISA tags Progress Kemp LoadMaster flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting Progr ... Read more