CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
'Patch yesterday': Zimbra mail servers under siege through RCE vuln
"Patch yesterday" is the advice from infosec researchers as the latest critical vulnerability affecting Zimbra mail servers is now being mass-exploited. The remote code execution vulnerability (CVE-20 ... Read more
-
tripwire.com
Tripwire Patch Priority Index for September 2024
Tripwire's September 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the list are patches for Microsoft Excel, Visio, and Publisher that resolve remote ... Read more
-
The Hacker News
Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw
Email Security / Vulnerability Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security ... Read more
-
Cybersecurity News
PoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected
Image: ptswarmZimbra, one of the most widely used email and collaboration platforms globally, has recently been identified as vulnerable to a critical security flaw that could allow attackers to take ... Read more
-
Cybersecurity News
Microarchitectural Control-flow Integrity (μCFI): Thwarting Timing & Hijacking Attacks
CPU-specific formal verification flow | Image: COMSECIn a study, researchers from COMSEC, the computer security group at ETH Zurich’s Department of Information Technology and Electrical Engineering (D ... Read more
-
Cybersecurity News
CVE-2024-8940 (CVSS 10): Critical Flaw in Scriptcase Low-Code Platform Leaves Developers at Risk
Developers using the popular low-code platform Scriptcase are urged to update their software immediately after discovering three critical vulnerabilities that could expose their applications to seriou ... Read more
-
Cybersecurity News
CVE-2024-9194: SQLi Flaw Discovered in Octopus Server, Urgent Patch Recommended
Octopus Deploy, a leading continuous delivery platform used by thousands of software teams worldwide, has released a critical security update to address a severe vulnerability (CVE-2024-9194) in its O ... Read more
-
TheCyberThrone
WordPress Plugin GiveWP Bug CVE-2024-8353
A critical vulnerability has been discovered in the popular GiveWP donation plugin for WordPress, potentially allowing unauthenticated attackers to take complete control of affected websites.The vulne ... Read more
-
Cybersecurity News
CVE-2024-47070: Critical Flaw in authentik Identity Provider Allows Authentication Bypass
A critical security vulnerability (CVE-2024-47070) has been discovered in the popular Identity Provider (IdP) and Single Sign-On (SSO) solution, authentik. Rated with a high CVSS score of 9.1, this fl ... Read more
-
BleepingComputer
Arc browser launches bug bounty program after fixing RCE bug
The Browser Company has introduced an Arc Bug Bounty Program to encourage security researchers to report vulnerabilities to the project and receive rewards. This development comes in response to a cri ... Read more