CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Russian spies may have moved in next door to target your network
Infosec in brief Not to make you paranoid, but that business across the street could, under certain conditions, serve as a launching point for Russian cyber spies to compromise your network. Using wha ...
-
Cybersecurity News
Fortune 1000’s Hidden Threat: 30,000 Exposed APIs and 100,000 API Vulnerabilities Unveiled
Image: EscapeThe State of API Exposure 2024 report from the Escape team has unveiled a staggering number of exposed and vulnerable APIs within some of the world’s largest organizations. This comprehen ...
-
Trend Micro
Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions
APT & Targeted Attacks Since 2023, APT group Earth Estries has aggressively targeted key industries globally with sophisticated techniques and new backdoors, like GHOSTSPIDER and MASOL RAT, for prolon ...
-
Help Net Security
Week in review: 0-days exploited in Palo Alto Networks firewalls, two unknown Linux backdoors identified
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: 2,000 Palo Alto Networks devices compromised in latest attacks Attackers have compromised around 2,000 ...
-
Cybersecurity News
CVE-2024-9511 (CVSS 9.8): Critical Flaw in FluentSMTP Plugin Exposes Over 300,000 WordPress Sites to Potential Takeover
A critical-severity vulnerability has been discovered in FluentSMTP, a widely used WordPress plugin designed to optimize email deliverability. Tracked as CVE-2024-9511 and assigned a CVSS v3.1 score o ...
-
BleepingComputer
Hackers abuse Avast anti-rootkit driver to disable defenses
A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components. The malware t ...
-
TheCyberThrone
PaloAlto devices are under massive exploitation
Researchers from Shadowserver have revealed that approximately 2,000 Palo Alto Networks firewalls have been compromised leavaraging recently discovered zeroday bugs. namely CVE-2024-0012 and CVE-2024 ...
-
Cybersecurity News
CVE-2024-8811: WinZip Flaw Allows Malicious Code Execution
Security researchers have uncovered a critical vulnerability in WinZip, a widely-used file archiving tool, that could allow attackers to bypass crucial security measures and potentially execute malici ...
-
Ars Technica
Spies hack Wi-Fi networks in far-off land to launch attack on target next door
While stalking its target, GruesomeLarch performed credential-stuffing attacks that compromised the passwords of several accounts on a web service platform used by the organization's employees. Two-fa ...
-
Cybersecurity News
Wowza Streaming Engine Vulnerabilities Expose Thousands of Servers to Attack
Ryan Emmons, Lead Security Researcher at Rapid7, has discovered multiple vulnerabilities in Wowza Streaming Engine, a popular media server software. The vulnerabilities could allow a remote attacker t ...