CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
0patch Uncovers and Patches New Windows Zero-Day Vulnerability, Microsoft Scrambles to Re-Fix Flaw
Security researchers at 0patch have discovered a new zero-day vulnerability in Microsoft Windows, exposing users to potential credential theft. This revelation comes on the heels of Microsoft’s attemp ... Read more
-
Cybersecurity News
Denial-of-Service Vulnerability Found in Squid Proxy Server (CVE-2024-45802)
A recent security advisory from the SQUID project has highlighted a critical Denial-of-Service (DoS) vulnerability, tracked as CVE-2024-45802 (CVSS 7.5), in Squid, a popular open-source caching proxy ... Read more
-
Cybersecurity News
ThreatFabric Reveals Dangerous Upgrades in LightSpy Spyware – 28 Plugins Targeting iOS Devices
Image: ThreatFabricThreatFabric released a report detailing advancements in the LightSpy implant, an iOS spyware first identified in 2020, which has evolved into a more complex and damaging tool. The ... Read more
-
Cybersecurity News
New Chrome Security Patch Targets Critical CVE-2024-10487 & 10488 Flaws – Update Immediately
Google has just released an urgent update for its Chrome browser, addressing two serious security vulnerabilities that could potentially allow attackers to take control of users’ systems. The vulnerab ... Read more
-
Cybersecurity News
CVE-2024-45656: A 9.8 Severity Threat to IBM Power Systems Security
A critical vulnerability has been discovered in IBM Power Systems servers, potentially allowing unauthorized access and complete control over affected systems. The flaw, identified as CVE-2024-45656, ... Read more
-
Cybersecurity News
Divulge, Dedsec, and Duck: The Rise of Advanced Stealer Malware
CYFIRMA has recently exposed a trio of malicious stealers—Divulge, Dedsec, and Duck Stealers—highlighting their proliferation across GitHub, Discord, and Telegram. These stealers, leveraging advanced ... Read more
-
Trend Micro
Attacker Abuses Victim Resources to Reap Rewards from Titan Network
Cyber Threats In this blog entry, we discuss how an attacker took advantage of the Atlassian Confluence vulnerability CVE-2023-22527 to connect servers to the Titan Network for cryptomining purposes. ... Read more
-
The Register
How to jailbreak ChatGPT and trick the AI into writing exploit code using hex encoding
OpenAI's language model GPT-4o can be tricked into writing exploit code by encoding the malicious instructions in hexadecimal, which allows an attacker to jump the model's built-in security guardrails ... Read more
-
Dark Reading
Recurring Windows Flaw Could Expose User Credentials
Source: tdhster via ShutterstockAll versions of Windows clients, from Windows 7 through current Windows 11 versions, contain a 0-day vulnerability that could allow attackers to capture NTLM authentica ... Read more
-
BleepingComputer
New Windows Themes zero-day gets free, unofficial patches
Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target's NTLM credentials remotely. NTLM has been extensively exploited in NT ... Read more