CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
TheCyberThrone
CVE-2023-37936 impacts Fortinet FortiSwitch
CVE-2023-37936 is a critical security vulnerability identified in Fortinet FortiSwitch devices. This vulnerability is particularly severe due to its potential to allow unauthorized code execution, lea ... Read more
-
Ars Technica
Microsoft patches Windows to eliminate Secure Boot bypass threat
For the past seven months—and likely longer—an industry-wide standard that protects Windows devices from firmware infections could be bypassed using a simple technique. On Tuesday, Microsoft finally p ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
The Hacker News
New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits
Vulnerability / Cybersecurity Details have emerged about a now-patched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface (UEFI) sys ... Read more
-
The Hacker News
Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer
Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. "In both campaigns, attackers hid m ... Read more
-
security.nl
Bootloader-beveiligingslek laat aanvallers UEFI Secure Boot omzeilen
Een kwetsbaarheid in een bootloader-applicatie maakt het mogelijk voor aanvallers om UEFI Secure Boot te omzeilen en zo het systeem te compromitteren. Het probleem is inmiddels door de betrokken lever ... Read more
-
Help Net Security
Configuration files for 15,000 Fortinet firewalls leaked. Are yours among them?
A threat actor has leaked configuration files (aka configs) for over 15,000 Fortinet Fortigate firewalls and associated admin and user credentials. The collection has been leaked on Monday and publici ... Read more
-
Dark Reading
Trusted Apps Sneak a Bug Into the UEFI Boot Process
Source: Ognyan Yosifov via Alamy Stock PhotoA vulnerability in trusted system recovery programs could allow privileged attackers to inject malware directly into the system startup process in Unified E ... Read more
-
TheCyberThrone
Ivanti fixes Critical Security Vulnerabilities in EPM
OverviewIvanti has recently addressed multiple critical and high-severity vulnerabilities in its Endpoint Manager (EPM) software. These vulnerabilities could allow unauthorized access, remote code exe ... Read more