CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Kaspersky Uncovers Active Exploitation of Fortinet Vulnerability CVE-2023-48788
In a recent investigation, Kaspersky’s Global Emergency Response Team (GERT) uncovered active exploitation of a patched vulnerability in Fortinet FortiClient EMS. This SQL injection vulnerability, ide ...
-
security.nl
Kritiek lek in Fortinet Wireless Manager geeft toegang tot admin session tokens
Een kritieke path traversal-kwetsbaarheid in de Fortinet Wireless Manager (FortiWLM) maakt het voor een ongeauthenticeerde aanvaller mogelijk om toegang tot gevoelige bestanden te krijgen. De impact v ...
-
Kaspersky
Attackers exploiting a patched FortiClient EMS vulnerability in the wild
Introduction During a recent incident response, Kaspersky’s GERT team identified a set of TTPs and indicators linked to an attacker that infiltrated a company’s networks by targeting a Fortinet vulner ...
-
cert.pl
Vulnerability in Govee Home mobile application (Android & iOS)
CVE ID CVE-2023-4617 Publication date 19 December 2024 Vendor Govee Product Govee Home Vulnerable versions All before 5.9 Vulnerability type (CWE) Incorrect Authorization (CWE-863) Report source NASK ...
-
The Hacker News
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
Vulnerability / Network Security Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive informati ...
-
The Register
Critical security hole in Apache Struts under exploit
A critical security hole in Apache Struts 2 – patched last week – is currently being exploited using publicly available proof-of-concept (PoC) code. Struts is a Java-based web application framework wi ...
-
The Cyber Express
New Android Spyware Detected in Serbian Surveillance Investigation
In February 2024, Serbian journalist Slaviša Milanov was taken to a police station following what seemed like a routine traffic stop. But after his release, the phone that he’d been asked to leave wit ...
-
cybereason.com
CVE-2024-55956: Zero-Day Vulnerability in Cleo Software Could Lead to Data Theft
Key Takeaways Zero-day vulnerability was discovered in 3 Cleo products, tracked as CVE-2024-55956 Cleo is the developer of various managed file transfer platforms with approximately 4,000 customers, m ...
-
TheCyberThrone
Detailing Critical Microsoft CVE-2024-49112 Vulnerability
Microsoft has recently disclosed a critical Remote Code Execution (RCE) vulnerability in its Lightweight Directory Access Protocol (LDAP) service, identified as CVE-2024-49112 Released as part of the ...
-
BleepingComputer
New critical Apache Struts flaw exploited to find vulnerable servers
A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. Apache Struts is an open-so ...