CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
ThreatFabric Reveals Dangerous Upgrades in LightSpy Spyware – 28 Plugins Targeting iOS Devices
Image: ThreatFabricThreatFabric released a report detailing advancements in the LightSpy implant, an iOS spyware first identified in 2020, which has evolved into a more complex and damaging tool. The ... Read more
-
Cybersecurity News
New Chrome Security Patch Targets Critical CVE-2024-10487 & 10488 Flaws – Update Immediately
Google has just released an urgent update for its Chrome browser, addressing two serious security vulnerabilities that could potentially allow attackers to take control of users’ systems. The vulnerab ... Read more
-
Cybersecurity News
CVE-2024-45656: A 9.8 Severity Threat to IBM Power Systems Security
A critical vulnerability has been discovered in IBM Power Systems servers, potentially allowing unauthorized access and complete control over affected systems. The flaw, identified as CVE-2024-45656, ... Read more
-
Cybersecurity News
Divulge, Dedsec, and Duck: The Rise of Advanced Stealer Malware
CYFIRMA has recently exposed a trio of malicious stealers—Divulge, Dedsec, and Duck Stealers—highlighting their proliferation across GitHub, Discord, and Telegram. These stealers, leveraging advanced ... Read more
-
Trend Micro
Attacker Abuses Victim Resources to Reap Rewards from Titan Network
Cyber Threats In this blog entry, we discuss how an attacker took advantage of the Atlassian Confluence vulnerability CVE-2023-22527 to connect servers to the Titan Network for cryptomining purposes. ... Read more
-
The Register
How to jailbreak ChatGPT and trick the AI into writing exploit code using hex encoding
OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model's built-in security guardrails ... Read more
-
Dark Reading
Recurring Windows Flaw Could Expose User Credentials
Source: tdhster via ShutterstockAll versions of Windows clients, from Windows 7 through current Windows 11 versions, contain a 0-day vulnerability that could allow attackers to capture NTLM authentica ... Read more
-
BleepingComputer
New Windows Themes zero-day gets free, unofficial patches
Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target's NTLM credentials remotely. NTLM has been extensively exploited in NT ... Read more
-
BleepingComputer
QNAP fixes NAS backup software zero-day exploited at Pwn2Own
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. Tracked as CVE-2024-50388, the s ... Read more
-
security.nl
QNAP dicht kritiek Pwn2Own-lek dat remote aanvaller NAS laat overnemen
QNAP heeft een beveiligingsupdate uitgebracht voor een kritieke kwetsbaarheid waardoor NAS-apparaten van de fabrikant door een remote aanvaller zijn over te nemen. Via het beveiligingslek, aangeduid a ... Read more