CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
GitHub Enterprise Server Patches Critical Security Flaw – CVE-2024-9487 (CVSS 9.5)
GitHub has released security updates to address two vulnerabilities in GitHub Enterprise Server, one of which could allow attackers to bypass authentication and gain unauthorized access.The most sever ... Read more
-
Cybersecurity News
Thousands of Fortinet Devices Remain Exposed to RCE CVE-2024-23113 Vulnerability
A recent report from the Shadowserver Foundation has revealed a concerning number of Fortinet devices remain vulnerable to a critical remote code execution (RCE) vulnerability, despite patches being a ... Read more
-
Cybersecurity News
Apache Roller Patches CSRF Flaw CVE-2024-46911 in Latest Update
The Apache Software Foundation has released a security update for Apache Roller, a popular Java-based blogging platform. This update addresses a critical Cross-site Request Forgery (CSRF) vulnerabilit ... Read more
-
Cybersecurity News
Plane Project Management Tool Patches Critical SSRF Flaw – CVE-2024-47830 (CVSS 9.3)
A critical security vulnerability has been discovered and patched in Plane, a popular open-source project management tool. The vulnerability, identified as CVE-2024-47830 and assigned a CVSS score of ... Read more
-
TheCyberThrone
Apache Avro vulnerability CVE-2024-47561
Apache project releases patch for a vulnerability tracked as CVE-2024-47561, that impacts all versions of the software prior to 1.11.4.Apache Avro is a data serialization framework developed as part o ... Read more
-
TheCyberThrone
CISA releases VDP platform Annual report for 2023
The U.S. CISA has released its 2023 Annual Report for the Vulnerability Disclosure Policy (VDP) Platform. Over the past year, the agency concentrated on promoting greater adoption of the VDP Platform ... Read more
-
BleepingComputer
Iranian hackers now exploit Windows flaw to elevate privileges
The Iranian state-sponsored hacking group APT34, aka OilRig, has recently escalated its activities with new campaigns targeting government and critical infrastructure entities in the United Arab Emira ... Read more
-
The Hacker News
OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. an ... Read more
-
Help Net Security
Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) For October 202 ... Read more
-
TheCyberThrone
TheCyberThrone Security BiWeekly Review – October 12, 2024
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the weeks ending Saturday, October 5, 12, 2024.Microsoft Patch Tues ... Read more