CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
Single HTTP Request Can Exploit 6M WordPress Sites
Source: Primakov via ShutterstockA WordPress plug-in installed more than 6 million times is vulnerable to a cross-site scripting flaw (XSS) that allows attackers to escalate privileges and potentially ... Read more
-
security.nl
'Nederland telt ruim tweehonderd Zimbra-mailservers met kritiek beveiligingslek'
Ruim tweehonderd Zimbra-mailservers in Nederland missen een beveiligingsupdate voor een op grote schaal aangevallen kritieke kwetsbaarheid, zo meldt The Shadowserver Foundation op basis van eigen onde ... Read more
-
The Hacker News
Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
Open Source / Software Security A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitra ... Read more
-
Cybersecurity News
Cacti Network Monitoring Tool Patches Security Flaws, Including RCE Vulnerability
Popular open-source network monitoring tool, Cacti, has released an urgent security update addressing multiple vulnerabilities, including a critical Remote Code Execution (RCE) flaw.The update, versio ... Read more
-
Cybersecurity News
CSP Bypass: A New Open-Source Tool for Ethical Hackers to Overcome Content Security Policies
Renowned security researcher Renniepak, the founder of Hacker Hideout, has launched an open-source tool called CSP Bypass. This tool is designed to assist ethical hackers and security researchers in i ... Read more
-
The Cyber Express
Apple Patches iOS Security Flaw That Could Reveal Saved Passwords
Apple has released new updates for iOS and iPadOS to fix two important security problems affecting many iPhone and iPad models. These Apple updates, now available as iOS 18.0.1 and iPadOS 18.0.1, fix ... Read more
-
Cybersecurity News
MediaTek Patches Critical Vulnerabilities in Smartphone, Tablet, and IoT Chipsets
MediaTek, a leading semiconductor company, has issued an October 2024 Product Security Bulletin addressing critical vulnerabilities affecting a wide range of its chipsets, including those used in smar ... Read more
-
Cybersecurity News
Privilege Escalation and Remote Code Execution Threaten Cisco Routers: No Updates Available
In a recent security advisory, Cisco revealed multiple vulnerabilities impacting its Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers, which could potentially expose busine ... Read more
-
Cybersecurity News
Redis Patches for Multi Flaws, Including Potential RCE (CVE-2024-31449)
Redis, a popular open-source data structure store often used as a database, cache, and message broker, has urged users to update their installations immediately following the discovery of three new se ... Read more
-
Cybersecurity News
CVE-2024-47191: Critical Flaw in OATH-Toolkit PAM Module Could Lead to Root Exploits
A serious vulnerability has been identified in the OATH-Toolkit’s PAM module, exposing systems to potential root-level exploits when handling one-time password (OTP) authentication. This issue, tracke ... Read more