CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
Near-'perfctl' Fileless Malware Targets Millions of Linux Servers
Source: J Poulssen via Alamy Stock PhotoA multipurpose and mysterious malware dropper has been terrorizing Linux servers worldwide for years, infecting untold thousands of victims with cryptomining an ... Read more
-
Ars Technica
Attackers exploit critical vulnerability recently patched in Zimbra servers
Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more
-
Ars Technica
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more
-
The Register
700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking
Fourteen newly found bugs in DrayTek Vigor routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating — could be abused by crooks looking to ... Read more
-
Dark Reading
Unix Printing Vulnerabilities Enable Easy DDoS Attacks
Source: sofiacorte via ShutterstockIt turns out that remote code execution is not the only way attackers can leverage a critical set of four vulnerabilities that a researcher recently disclosed in the ... Read more
-
The Register
Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing
Two trivial but critical security holes have been found in Optigo's Spectra Aggregation Switch, and so far no patch is available. The vulnerabilities, both with CVSS v4 severity scores of 9.3, can be ... Read more
-
BleepingComputer
Critical Ivanti RCE flaw with public exploit now used in attacks
CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. Ivant ... Read more
-
Palo Alto Networks Blog
The Top 5 Largest Scale Intrusions in 2023
What Powered Them? Large-scale cyber intrusions increased during 2023, exploiting vulnerabilities in web applications and internet-facing software. Attackers favored this attack vector even more than ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Decade-Old Linux Vulnerability Can Be Exploited for DDoS Attacks on CUPS
This article explores the Linux vulnerability discovered by Simone Margaritelli, which, according to cybersecurity companies Uptycs and Akamai, can be exploited for additional malicious purposes, incl ... Read more
-
0patch.com
Micropatches for Windows Installer Elevation of Privilege Vulnerability (CVE-2024-38014)
September 2024 Windows Updates brought a patch for CVE-2024-38014, a privilege escalation vulnerability in Windows Installer that could allow a local low-privileged attacker to execute arbitrary code ... Read more