CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups
Veeam has addressed a severe vulnerability in its widely utilized Backup & Replication tool, CVE-2024-40711. This critical flaw has a staggering Common Vulnerability Scoring System (CVSS) score of 9.8 ... Read more
-
Dark Reading
Iran's APT34 Abuses MS Exchange to Spy on Gulf Gov'ts
Source: Daniren via Alamy Stock PhotoAn Iranian threat actor has been ramping up its espionage against Gulf-state government entities, particularly those within the United Arab Emirates (UAE).APT34 (a ... Read more
-
The Hacker News
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
Vulnerability / Kubernetes A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. ... Read more
-
The Cyber Express
SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing the pressing need for organizatio ... Read more
-
Cybersecurity News
CVE-2024-45216: Critical Authentication Bypass Vulnerability Patched in Apache Solr
Apache Solr, a highly reliable and scalable search platform powering the search functionalities of some of the world’s largest internet sites, has been the target of two newly disclosed security vulne ... Read more
-
Cybersecurity News
Broadcom Warns of High-Risk VMware HCX Vulnerability (CVE-2024-38814)
In a recent security advisory, Broadcom disclosed a significant SQL injection vulnerability (CVE-2024-38814) affecting VMware HCX, a key component used in multi-cloud infrastructures to enable applica ... Read more
-
Cybersecurity News
LockBit Imposter: New Ransomware Leverages AWS for Attacks
The sample’s attack flow | Image: Trend MicroIn a detailed report by Trend Micro, cybersecurity researchers uncovered a sophisticated ransomware operation abusing Amazon Web Services (AWS) infrastruct ... Read more
-
Cybersecurity News
CVE-2024-48904 (CVSS 9.8): Critical Command Injection Vulnerability in Trend Micro Cloud Edge
Trend Micro has issued an urgent security bulletin warning users of a critical command injection vulnerability in its Cloud Edge appliance. This vulnerability, tracked as CVE-2024-48904 and assigned a ... Read more
-
Cybersecurity News
ShadowLogic: The Codeless Backdoor Threatening AI Supply Chains
In a major development in AI cybersecurity, the HiddenLayer Security AI (SAI) team has uncovered a groundbreaking method for embedding backdoors in machine learning models, dubbed ShadowLogic. This ne ... Read more
-
Cybersecurity News
Ragic Enterprise Cloud Database Patches Multi Flaws, Including CVE-2024-9984 (CVSS 9.8)
Taiwan’s Computer Emergency Response Team (TWCERT/CC) has issued a warning regarding multiple vulnerabilities discovered in the Ragic Enterprise Cloud Database, a popular no-code platform for building ... Read more