CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Critical VMware vCenter Server Flaws Under Active Attack: CISA Issues Urgent Warning
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities in VMware vCenter Server that are currently being exploited in the ... Read more
-
Cybersecurity News
CVE-2024-52940: AnyDesk Vulnerability Exposes User IP Addresses, PoC Published
Image: Ebrahim ShafieiA newly discovered vulnerability in popular remote desktop software AnyDesk could allow attackers to uncover users’ IP addresses, posing significant privacy risks. Security resea ... Read more
-
The Hacker News
Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects
Artificial Intelligence / Software Security Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, ... Read more
-
Cybersecurity News
CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution
A high-severity vulnerability has been discovered in Kubernetes, potentially allowing attackers to execute arbitrary commands outside of container boundaries. Tracked as CVE-2024-10220 and assigned a ... Read more
-
TheCyberThrone
10 Year Old Utility Package Flaw Haunts Ubuntu OS
Security researchers from Qualys TRU has discovered vulnerabilities in a utility package in Ubuntu OS that could enable local users to escalate their privileges to root without user interaction.In tot ... Read more
-
Cybersecurity News
CVE-2024-42450 (CVSS 10): Versa Networks Addresses Critical Vulnerability in Versa Director
Versa Networks has issued a security advisory addressing a critical vulnerability (CVE-2024-42450) affecting its Versa Director software. The vulnerability, which carries a CVSS score of 10, could all ... Read more
-
Cybersecurity News
Earth Kasha Expands Operations: New LODEINFO Malware Hits Government and High-Tech
An overview of relationships of Earth Kasha | Image: Trend MicroIn a detailed report by Trend Micro, the emergence of a new LODEINFO malware campaign has been linked to Earth Kasha, a threat group ope ... Read more
-
Cybersecurity News
2024 CWE Top 25: Critical Software Weaknesses Revealed
The Common Weakness Enumeration (CWE) Top 25 list for 2024 has been released, and it provides a critical roadmap for addressing the most pervasive and hazardous vulnerabilities that plague modern soft ... Read more
-
Cybersecurity News
WorkflowKit Race Vulnerability (CVE-2024-27821): Researcher Reveals Exploit that Let Malicious Apps Hijack Shortcuts
Security researcher Snoolie K has published an in-depth analysis of a significant security flaw in WorkflowKit, which has been assigned CVE-2024-27821. This vulnerability, dubbed the “WorkflowKit Race ... Read more
-
Cybersecurity News
FrostyGoop: New ICS Malware Exploits Modbus TCP Protocol
Recently, Palo Alto Networks has released an in-depth analysis of FrostyGoop, also known as BUSTLEBERM, a sophisticated malware targeting operational technology (OT). This malware gained attention in ... Read more