CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
Thousands of DrayTek Routers at Risk From 14 Vulnerabilities
Source: PeterPhoto123 via ShutterstockPotentially tens of thousands of DrayTek routers, including models that many businesses and government agencies use, are at heightened risk of attack via 14 newly ... Read more
-
Dark Reading
CISA Adds High-Severity Ivanti Vulnerability to KEV Catalog
Source: Kristoffer Tripplaar via Alamy Stock PhotoOne of the latest vulnerabilities that the Cybersecurity and Infrastructure Security Agency has added to the Known Exploited Vulnerabilities Catalog i ... Read more
-
AttackIQ
Emulating the Surging Hadooken Malware
On September 12, 2024, AquaSec reported the identification of a new Linux-based malware during an intrusion chain that abused misconfigurations on public-facing Oracle Weblogic Servers. Days later, on ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
New Linux Malware ‘Perfctl’ Targets Millions by Mimicking System Files
New Linux malware ‘Perfctl’ is targeting millions worldwide, mimicking system files to evade detection. This sophisticated malware compromises Linux servers, exploiting vulnerabilities for cryptominin ... Read more
-
BleepingComputer
Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks
Adobe Commerce and Magento online stores are being targeted in "CosmicSting" attacks at an alarming rate, with threat actors hacking approximately 5% of all stores. The CosmicSting vulnerability (CVE- ... Read more
-
Zero Day Initiative
From Pwn2Own Automotive: More Autel Maxicharger Vulnerabilities
The vulnerable function is responsible for handling ACMP messages received from a websockets server (that can be attacker-controlled). The exact meaning of “ACMP” is unknown but the researchers’ best ... Read more
-
TheCyberThrone
Cloudflare mitigated record 3.8Tbps DDoS attack
Cloudflare has been reported that it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 Tbps, which is the h ... Read more
-
Cybersecurity News
CVE-2024-5102: Avast Antivirus Flaw Could Allow Hackers to Delete Files and Run Code as SYSTEM
A high-severity vulnerability (CVE-2024-5102) has been discovered in Avast Antivirus for Windows, potentially allowing attackers to gain elevated privileges and wreak havoc on users’ systems. This fla ... Read more
-
Help Net Security
Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)
CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers, the Cybersecurity and Infrastructure Security Agency has co ... Read more
-
Cybersecurity News
Linux Servers Under Siege: “Perfctl” Malware Evades Detection for Years
The entire attack flow | Image: Aqua NautilusIn a recent report by Aqua Nautilus researchers Assaf Morag and Idan Revivo, the Linux server community has been alerted to the presence of a particularly ... Read more