CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
14-Year Vulnerability in qBittorrent Leaves Millions Exposed to RCE Attacks
Image: Sharp SecuritySharp Security has unveiled a critical vulnerability that has lingered in the popular torrent client qBittorrent for over 14 years, leaving countless users exposed to potential cy ... Read more
-
Cybersecurity News
ServiceNow Patches Critical Sandbox Escape Vulnerability – CVE-2024-8923 (CVSS 9.8)
ServiceNow, a leading cloud-based enterprise platform, has recently addressed two significant vulnerabilities, CVE-2024-8923 and CVE-2024-8924, which posed serious risks to organizations using its Now ... Read more
-
Cybersecurity News
CVE-2024-48074: RCE Flaw Discovered in DrayTek Vigor2960 Routers, PoC Published
Security researchers have uncovered a critical remote code execution (RCE) vulnerability in DrayTek Vigor2960 routers, a popular choice for businesses requiring a robust VPN solution.The vulnerability ... Read more
-
Cybersecurity News
Over 6 Million Sites at Risk: Severe Privilege Escalation Flaw CVE-2024-50550 in LiteSpeed Cache Plugin
Rafie Muhammad, a Security Researcher at Patchstack, reveals a severe security vulnerability in the LiteSpeed Cache plugin—a popular WordPress caching plugin with over six million active installations ... Read more
-
Cybersecurity News
Researcher Exposes Critical Vulnerabilities in Google Cloud
In a recent in-depth analysis, Christophe Tafani-Dereeper, a prominent Cloud Security Researcher at DATADOG, highlights critical vulnerabilities within Google Cloud’s default service accounts that put ... Read more
-
Cybersecurity News
Interlock Ransomware: New Threat Targets Windows & FreeBSD
A new ransomware group dubbed “Interlock” has emerged, setting its sights on both Windows and FreeBSD operating systems. This multi-platform approach signals a concerning trend in the ransomware lands ... Read more
-
The Register
Windows Themes zero-day bug exposes users to NTLM credential theft
There's a Windows Themes spoofing zero-day bug on the loose that allows attackers to steal people's NTLM credentials. That's the bad news. The good news: Acros Security's 0patch has developed a free m ... Read more
-
BleepingComputer
QNAP patches second zero-day exploited at Pwn2Own to get root
QNAP has released security patches for a second zero-day bug exploited by security researchers during last week's Pwn2Own hacking contest. This critical SQL injection (SQLi) vulnerability, tracked as ... Read more
-
Cybersecurity News
Microsoft Boosts Email Security with General Availability of Inbound SMTP DANE with DNSSEC
Microsoft announced the general availability of Inbound SMTP DANE with DNSSEC for Exchange Online, marking a significant step forward in email security. This powerful feature combines two robust secur ... Read more
-
Help Net Security
Ransomware hits web hosting servers via vulnerable CyberPanel instances
A threat actor – or possibly several – has hit approximately 22,000 vulnerable instances of CyberPanel and encrypted files on the servers running it with the PSAUX and other ransomware. The PSAUX rans ... Read more