CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Phobos Ransomware Administrator Extradited to US to Face Charges
Evgenii Ptitsyn, a Russian national, faces a 13-count indictment for his alleged role in a global ransomware scheme that extorted millions from over 1,000 victims.In a significant victory for internat ... Read more
-
The Hacker News
Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation
Vulnerability / Data Security Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersec ... Read more
-
Cybersecurity News
From CVE to PoC: A Collection Maps Windows Privilege Escalation Landscape
Security researcher Michael Zhmaylo has assembled a comprehensive collection of publicly disclosed exploits for Local Privilege Escalation (LPE) vulnerabilities affecting Microsoft Windows operating s ... Read more
-
Cybersecurity News
CVE-2024-52308: GitHub CLI Vulnerability Could Allow Remote Code Execution
A critical security vulnerability (CVE-2024-52308) in the GitHub Command Line Interface (CLI) has been identified, potentially enabling remote code execution (RCE) on users’ workstations. This vulnera ... Read more
-
Cybersecurity News
LibreNMS Vulnerability (CVE-2024-51092): Mitigating the Risk of Server Compromise
A recent security advisory from the LibreNMS project has revealed a severe vulnerability (CVE-2024-51092) affecting versions up to 24.9.1 of the widely-used network monitoring platform. The flaw, rate ... Read more
-
Cybersecurity News
Actively Exploited VMware Vulnerabilities (CVE-2024-38812 & CVE-2024-38813) Threaten Virtualized Infrastructure
Broadcom has updated an urgent security advisory following confirmation of in-the-wild exploitation of two critical vulnerabilities affecting its vCenter Server platform: CVE-2024-38812 and CVE-2024-3 ... Read more
-
Cybersecurity News
Trio of Apache Tomcat Flaws Disclosed: Authentication Bypass, HTTP/2 Request Mix-Up, and XSS Flaw
The Apache Software Foundation has recently disclosed three new vulnerabilities affecting Apache Tomcat, a widely-used open-source web server and servlet container. These vulnerabilities, ranging from ... Read more
-
Cybersecurity News
CVE-2024-31141: Apache Kafka Vulnerability Exposes User Data to Potential Attackers
A newly discovered vulnerability in Apache Kafka, the popular open-source event streaming platform, could allow attackers to gain unauthorized access to sensitive information. The vulnerability, track ... Read more
-
Cybersecurity News
Critical Vulnerabilities Found in Baxter Life2000 Ventilation System
The Baxter Life2000 Ventilation System, a key healthcare device used in critical infrastructure sectors, has been found to contain multiple severe vulnerabilities. These issues, detailed in a recent s ... Read more
-
Trend Micro
Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella
This blog is based on a presentation by the authors at Virus Bulletin 2024. Introduction LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the grou ... Read more