CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. K ... Read more
-
Cybersecurity News
Fortinet Warns of Actively Exploited Flaw in FortiManager: CVE-2024-47575 (CVSS 9.8)
Fortinet has issued a security advisory for its FortiManager platform, addressing a critical vulnerability—CVE-2024-47575—which has been actively exploited in the wild. This vulnerability, rated at CV ... Read more
-
security.nl
Fortinet waarschuwt voor actief misbruikte kwetsbaarheid in FortiManager
Fortinet waarschuwt klanten voor een actief misbruikte kwetsbaarheid in FortiManager en FortiManager Cloud waardoor een ongeauthenticeerde aanvaller het systeem op afstand kan overnemen. FortiManager ... Read more
-
BleepingComputer
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Fortinet publicly disclosed today a critical FortiManager API vulnerability, tracked as CVE-2024-47575, that was exploited in zero-day attacks to steal sensitive files containing configurations, IP ad ... Read more
-
TheCyberThrone
PoC Exploit released for Microsoft flaw CVE-2024-43532
Researcher from Akamai has released a proof-of-concept (PoC) exploit code for a critical Elevation of Privilege vulnerability, that’s tracked as CVE-2024-43532 with a CVSS score of 8.8.This vulnerabil ... Read more
-
Cybersecurity News
Fake Crypto Game Hides Chrome Zero-Day CVE-2024-4947 Attack by Lazarus APT
Kaspersky Labs has uncovered a sophisticated campaign by the Lazarus APT group, utilizing a fake cryptocurrency game to lure unsuspecting investors and infect their systems with malware. The attackers ... Read more
-
Cybersecurity News
GitLab Security Alert: CVE-2024-8312 and CVE-2024-6826 Patched
GitLab has issued a security update to address two significant vulnerabilities affecting multiple versions of its Community Edition (CE) and Enterprise Edition (EE) software. Users are strongly urged ... Read more
-
The Hacker News
CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
Vulnerability / Threat Intelligence A high-severity flaw impacting Microsoft SharePoint has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure ... Read more
-
security.nl
'Spionagegroep gebruikte tankspelletje om Chrome-gebruikers te infecteren'
Een vanuit Noord-Korea opererende spionagegroep gebruikte een tankspelletje om gebruikers van Google Chrome via een kwetsbaarheid met malware te infecteren, zo meldt antivirusbedrijf Kaspersky. Op het ... Read more
-
Kaspersky
The Crypto Game of Lazarus APT: Investors vs. Zero-days
Introduction Lazarus APT and its BlueNoroff subgroup are a highly sophisticated and multifaceted Korean-speaking threat actor. We closely monitor their activities and quite often see them using their ... Read more