CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CISA KEV Catalog Update Part VI – November 2024
The US CISA has added the following vulnerabilities to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitationCVE-2024-44308 With no CVSS score assigned yet, Apple iOS ... Read more
-
The Hacker News
Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
Vulnerability / Cyber Attack As many as 2,000 Palo Alto Networks devices are estimated to have been compromised as part of a campaign abusing the newly disclosed security flaws that have come under ac ... Read more
-
The Register
'Alarming' bugs lay low in Ubuntu Server utility for 10 years
Researchers at Qualys refuse to release exploit code for five bugs in the Linux world's needrestart utility that allow unprivileged local attackers to gain root access without any user interaction. Th ... Read more
-
Cybersecurity News
Researchers Uncover XenoRAT’s New Tactics Leveraging Excel XLL Files and Advanced Obfuscation
Hunt researchers have discovered a novel deployment of XenoRAT, an open-source remote access tool (RAT), leveraging Excel XLL files and advanced obfuscation methods. Known for targeting gamers and pos ... Read more
-
TheCyberThrone
Oracle Agile PLM Vulnerability CVE-2024-21287 Exploited in wild
Oracle has released an alert about a critical vulnerability in its Agile Product Lifecycle Management (PLM) software, allows attackers to remotely access sensitive files without any authentication, an ... Read more
-
Help Net Security
2,000 Palo Alto Networks devices compromised in latest attacks
Attackers have compromised around 2,000 Palo Alto Networks firewalls by leveraging the two recently patched zero-days (CVE-2024-0012 and CVE-2024-9474), Shadowserver Foundation’s internet-wide scannin ... Read more
-
security.nl
Beveiligingslek in 7-Zip maakt remote code execution mogelijk
Een beveiligingslek in de populaire archiveringssoftware 7-Zip maakt remote code execution mogelijk. Op 19 juni van dit jaar verscheen een versie waarin het probleem is verholpen, maar in de release n ... Read more
-
Cybersecurity News
Critical VMware vCenter Server Flaws Under Active Attack: CISA Issues Urgent Warning
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two critical vulnerabilities in VMware vCenter Server that are currently being exploited in the ... Read more
-
Cybersecurity News
CVE-2024-52940: AnyDesk Vulnerability Exposes User IP Addresses, PoC Published
Image: Ebrahim ShafieiA newly discovered vulnerability in popular remote desktop software AnyDesk could allow attackers to uncover users’ IP addresses, posing significant privacy risks. Security resea ... Read more
-
The Hacker News
Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects
Artificial Intelligence / Software Security Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, ... Read more