CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Kaspersky
Improvements to our SIEM for Q3 2024 | Kaspersky official blog
SIEM Rules for detecting atypical behavior in container infrastructure at the data collection stage, and other updates to our SIEM system. November 2, 2024 Clearly, the sooner malicious actions come t ... Read more
-
BleepingComputer
Microsoft SharePoint RCE bug exploited to breach corporate network
A recently disclosed Microsoft SharePoint remote code execution (RCE) vulnerability tracked as CVE-2024-38094 is being exploited to gain initial access to corporate networks. CVE-2024-38094 is a high- ... Read more
-
TheCyberThrone
Apache Lucene fixes CVE-2024-43383
Apache Lucene.NET, an open-source search library has been discovered having a security flaw that could allow attackers to remotely execute malicious code.The vulnerability tracked as CVE-2024-43383 wi ... Read more
-
Cybersecurity News
PoC Exploit Releases for Spring WebFlux Authorization Bypass – CVE-2024-38821
Image: Mouad KondahThe researcher published the technical details and a proof-of-concept (PoC) exploit for CVE-2024-38821 (CVSS 9.1). This vulnerability, affecting versions of Spring WebFlux, allows a ... Read more
-
Cybersecurity News
PythonRatLoader: The Malware Loader That’s Turning Phishing Into a Multi-Stage Attack
Attack Flow | Image: CofenseA recent report by Adam Martin and Kian Buckley Maher from the Cofense Phishing Defense Center (PDC) has revealed a sophisticated malware loader, PythonRatLoader, that is b ... Read more
-
Dark Reading
Critical Auth Bugs Expose Smart Factory Gear to Cyberattack
Source: frans lemmens via Alamy Stock PhotoCritical security vulnerabilities affecting factory automation software from Mitsubishi Electric and Rockwell Automation could variously allow remote code ex ... Read more
-
BleepingComputer
Synology hurries out patches for zero-days exploited at Pwn2Own
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week's Pwn2Own hacking competition within days. Midnight Blue security resear ... Read more
-
The Cyber Express
Nearly 1 Million Vulnerable Fortinet, SonicWall Devices Exposed to the Web
Nearly 1 million Fortinet and SonicWall devices with actively exploited vulnerabilities are exposed on the internet, according to Cyble’s weekly vulnerability report published today. The report also l ... Read more
-
TheCyberThrone
Microsoft Sharepoint Server CVE-2024-38094 Exploited
Threat actors have exploited a vulnerability in Microsoft SharePoint Server, identified as CVE-2024-38094, allowing them to gain complete domain access and compromise critical systems. The Rapid7 inci ... Read more
-
TheCyberThrone
WordPress Plugin LiteSpeed Cache Flaw CVE-2024-50550
Security researcher has identified a vulnerability in the LiteSpeed Cache plugin that could compromise WordPress sites with its unauthenticated privilege escalation capabilities.The vulnerability trac ... Read more