CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Critical flaw in NVIDIA Container Toolkit allows full host takeover
A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premise environment that rely on it to access GPU resources. The security issue is tracked as CVE-2024 ... Read more
-
Help Net Security
Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without reboots Organizations that plan to upgrade to Win ... Read more
-
seclists.org
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 25 Sep 2024 06:38:24 +0000 SEC Consult Vulnerability Lab Securi ... Read more
-
Cybersecurity News
CVE-2024-43917 (CVSS 9.3): Unpatched SQLi Flaw in TI WooCommerce Wishlist Threatens 100,000+ Sites
A critical security vulnerability has been discovered in the widely-used WordPress plugin, TI WooCommerce Wishlist, potentially exposing over 100,000 websites to malicious attacks. The flaw, tracked a ... Read more
-
Darktrace
Post-Exploitation Activities of Ivanti CS/PS Appliances
Darktrace’s teams have observed a surge in malicious activities targeting Ivanti Connect Secure (CS) and Ivanti Policy Secure (PS) appliances. Learn more!What are 'Unknown Unknowns'?When critical vuln ... Read more
-
Cybersecurity News
SloppyLemming’s Espionage Campaign Targets South Asia
A recent report from Cloudforce One has detailed a cyber espionage campaign orchestrated by a threat actor dubbed SloppyLemming, targeting government, defense, telecommunications, and energy sectors a ... Read more
-
Cybersecurity News
Critical WatchGuard Vulnerabilities Discovered: CVE-2024-6592 and CVE-2024-6593
Cybersecurity firm RedTeam Pentesting GmbH has disclosed two critical vulnerabilities, CVE-2024-6592 and CVE-2024-6593, in WatchGuard’s Authentication Gateway (also known as Single Sign-On Agent) and ... Read more
-
Dark Reading
Novel Exploit Chain Enables Windows UAC Bypass
Source: Panther Media GmbH via Alamy Stock PhotoResearchers have flagged a weakness they're tracking as CVE-2024-6769, calling it a combination user access control (UAC) bypass/privilege escalation vu ... Read more
-
The Hacker News
Progress Software Releases Patches for 6 Flaws in WhatsUp Gold – Patch Now
Software Security / Vulnerability Progress Software has released another round of updates to address six security flaws in WhatsUp Gold, including two critical vulnerabilities. The issues, the company ... Read more
-
TheCyberThrone
CUPS Vulnerability affecting Linux Print Server
There’s has been a spotlight on one of the vulnerability reported critical unauthenticated remote code execution flaws affecting Linux systems.Security researcher Simone Margaritelli discovered this v ... Read more