CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Samsung phone users under attack, Google warns
A nasty bug in Samsung's mobile chips is being exploited by miscreants as part of an exploit chain to escalate privileges and then remotely execute arbitrary code, according to Google security researc ... Read more
-
Trend Micro
Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis
MXDR case 2: VPN compromise leading to lateral movement A VPN account compromise occurs when a malicious actor gains access to a VPN account through methods such as phishing, exploiting vulnerabilitie ... Read more
-
The Register
Warning! FortiManager critical vulnerability under active attack
Fortinet has gone public with news of a critical flaw in its software management platform. The security vendor apparently began informing customers privately about the issue a few days ago but has sin ... Read more
-
Dark Reading
Lazarus Group Exploits Chrome Zero-Day in Latest Campaign
Source: MAHATHIR MOHD YASIN via ShutterstockNorth Korea's infamous Lazarus Group is using a well-designed fake game website, a now-patched Chrome zero-day bug, professional LinkedIn accounts, AI-gener ... Read more
-
Google Cloud
Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)
Written by: Foti Castelan, Max Thauer, JP Glab, Gabby Roncone, Tufail Ahmed, Jared Wilson Summary In October 2024, Mandiant collaborated with Fortinet to investigate the mass exploitation of FortiMana ... Read more
-
Dark Reading
Microsoft SharePoint Vuln Is Under Active Exploit
Source: Ascannio via Alamy Stock PhotoA high-severity flaw in Microsoft SharePoint, tracked as CVE-2024-38094, is under active exploit.The bug is a deserialization vulnerability, which is often used a ... Read more
-
The Register
Microsoft SharePoint RCE flaw exploits in the wild – you've had 3 months to patch
A Microsoft SharePoint bug that can allow an attacker to remotely inject code into vulnerable versions is under active exploitation, according to the US Cybersecurity and Infrastructure Security Agenc ... Read more
-
BleepingComputer
Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
The North Korean Lazarus hacking group exploited a Google Chrome zero-day tracked as CVE-2024-4947 through a fake decentralized finance (DeFi) game targeting individuals in the cryptocurrency space. K ... Read more
-
Cybersecurity News
Fortinet Warns of Actively Exploited Flaw in FortiManager: CVE-2024-47575 (CVSS 9.8)
Fortinet has issued a security advisory for its FortiManager platform, addressing a critical vulnerability—CVE-2024-47575—which has been actively exploited in the wild. This vulnerability, rated at CV ... Read more
-
security.nl
Fortinet waarschuwt voor actief misbruikte kwetsbaarheid in FortiManager
Fortinet waarschuwt klanten voor een actief misbruikte kwetsbaarheid in FortiManager en FortiManager Cloud waardoor een ongeauthenticeerde aanvaller het systeem op afstand kan overnemen. FortiManager ... Read more