CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
0patch.com
Micropatches for Windows Installer Elevation of Privilege Vulnerability (CVE-2024-38014)
September 2024 Windows Updates brought a patch for CVE-2024-38014, a privilege escalation vulnerability in Windows Installer that could allow a local low-privileged attacker to execute arbitrary code ... Read more
-
Cybersecurity News
CVE-2024-29824: Critical Vulnerability in Ivanti Endpoint Manager Actively Exploited, PoC Published
Successfully exploiting using Burp | Image: Horizon3The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding the active exploitation of a critical vulnerability ... Read more
-
security.nl
VS waarschuwt voor misbruik van SQL Injection-lek in Ivanti Endpoint Manager
Aanvallers maken actief misbruik van een kritiek SQL Injection-lek in Ivanti Endpoint Manager (EPM), zo waarschuwt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse minis ... Read more
-
BleepingComputer
CISA: Network switch RCE flaw impacts critical infrastructure
U.S. cybersecurity agency CISA is warning about two critical vulnerabilities that allow authentication bypass and remote code execution in Optigo Networks ONS-S8 Aggregation Switch products used in cr ... Read more
-
security.nl
Honderdduizenden DrayTek-routers via kritiek lek op afstand over te nemen
Honderdduizenden routers van fabrikant DrayTek bevatten een kritiek beveiligingslek waardoor ze op afstand door aanvallers zijn over te nemen. Dat stelt securitybedrijf Forescout op basis van eigen on ... Read more
-
BleepingComputer
Critical Zimbra RCE flaw exploited to backdoor servers using emails
Hackers are actively exploiting a recently disclosed RCE vulnerability in Zimbra email servers that can be triggered simply by sending specially crafted emails to the SMTP server. The Zimbra remote co ... Read more
-
security.nl
Securitybedrijf meldt grootschalig misbruik van lek in Zimbra-mailservers
Aanvallers maken actief misbruik van een kwetsbaarheid waardoor het mogelijk is om commando's op Zimbra-mailservers uit te voeren, zo waarschuwt securitybedrijf Proofpoint. Zimbra kwam vorige maand me ... Read more
-
The Hacker News
Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Vulnerability / Data Breach Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed ... Read more
-
Help Net Security
Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)
Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that t ... Read more
-
The Register
'Patch yesterday': Zimbra mail servers under siege through RCE vuln
"Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited. The remote code execution vulnerability (CVE-20 ... Read more