CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects
Artificial Intelligence / Software Security Google has revealed that its AI-powered fuzzing tool, OSS-Fuzz, has been used to help identify 26 vulnerabilities in various open-source code repositories, ... Read more
-
Cybersecurity News
CVE-2024-10220: Kubernetes Vulnerability Allows Arbitrary Command Execution
A high-severity vulnerability has been discovered in Kubernetes, potentially allowing attackers to execute arbitrary commands outside of container boundaries. Tracked as CVE-2024-10220 and assigned a ... Read more
-
TheCyberThrone
10 Year Old Utility Package Flaw Haunts Ubuntu OS
Security researchers from Qualys TRU has discovered vulnerabilities in a utility package in Ubuntu OS that could enable local users to escalate their privileges to root without user interaction.In tot ... Read more
-
Cybersecurity News
CVE-2024-42450 (CVSS 10): Versa Networks Addresses Critical Vulnerability in Versa Director
Versa Networks has issued a security advisory addressing a critical vulnerability (CVE-2024-42450) affecting its Versa Director software. The vulnerability, which carries a CVSS score of 10, could all ... Read more
-
Cybersecurity News
Earth Kasha Expands Operations: New LODEINFO Malware Hits Government and High-Tech
An overview of relationships of Earth Kasha | Image: Trend MicroIn a detailed report by Trend Micro, the emergence of a new LODEINFO malware campaign has been linked to Earth Kasha, a threat group ope ... Read more
-
Cybersecurity News
2024 CWE Top 25: Critical Software Weaknesses Revealed
The Common Weakness Enumeration (CWE) Top 25 list for 2024 has been released, and it provides a critical roadmap for addressing the most pervasive and hazardous vulnerabilities that plague modern soft ... Read more
-
Cybersecurity News
WorkflowKit Race Vulnerability (CVE-2024-27821): Researcher Reveals Exploit that Let Malicious Apps Hijack Shortcuts
Security researcher Snoolie K has published an in-depth analysis of a significant security flaw in WorkflowKit, which has been assigned CVE-2024-27821. This vulnerability, dubbed the “WorkflowKit Race ... Read more
-
Cybersecurity News
FrostyGoop: New ICS Malware Exploits Modbus TCP Protocol
Recently, Palo Alto Networks has released an in-depth analysis of FrostyGoop, also known as BUSTLEBERM, a sophisticated malware targeting operational technology (OT). This malware gained attention in ... Read more
-
Cybersecurity News
New Attack Vector: Misconfigured Jupyter Servers Targeted for Illegal Streaming
Aqua Nautilus security researchers have uncovered a novel attack vector where threat actors exploit misconfigured servers, particularly JupyterLab and Jupyter Notebook environments, to hijack computin ... Read more
-
Cybersecurity News
Critical Vulnerability in D-Link EOL Routers Allows Remote Code Execution
D-Link has issued a security announcement concerning several End-of-Life (EOL) and End-of-Service (EOS) router models, including the DSR-150, DSR-150N, DSR-250, and DSR-250N. The advisory highlights a ... Read more