CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
SEC Consult SA-20241030-0 :: Query Filter Injection in Ping Identity PingIDM (formerly known as ForgeRock Identity Management) (CVE-2024-23600)
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 30 Oct 2024 09:57:55 +0000 SEC Consult Vulnerability Lab Securi ...
-
BleepingComputer
LiteSpeed Cache WordPress plugin bug lets hackers get admin access
The free version of the popular WordPress plugin LiteSpeed Cache has fixed a dangerous privilege elevation flaw on its latest release that could allow unauthenticated site visitors to gain admin right ...
-
The Hacker News
New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics
Spyware / Mobile Security Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy that not only expands on its functionality, but also incorporates destru ...
-
Help Net Security
Sophos mounted counter-offensive operation to foil Chinese attackers
Sophos conducted defensive and counter-offensive operation over the last five years with multiple interlinked nation-state adversaries based in China targeting perimeter devices, including Sophos Fire ...
-
security.nl
VS waarschuwt voor misbruik van 'Miracle Exploit' in Oracle-producten
Het Amerikaanse ministerie van Volksgezondheid en het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie van Homeland Security waarschuwen voor misbruik van verschi ...
-
The Hacker News
LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites
Vulnerability / Website Security A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileg ...
-
security.nl
Groot aantal Xlight ftp-servers op internet via kritiek lek op afstand over te nemen
Een groot aantal Xlight ftp-servers die vanaf internet benaderbaar zijn bevatten een kritieke kwetsbaarheid waardoor de systemen op afstand door een ongeauthenticeerde aanvaller zijn over te nemen. Da ...
-
security.nl
Fortinet geeft ip-adressen gebruikt bij aanvallen op FortiManager-servers
Fortinet heeft meer informatie gegeven over de aanvallen waar FortiManager-servers al maanden het doelwit van zijn, waaronder ip-adressen die de aanvallers gebruiken. Aanvallers maken al zeker sinds j ...
-
Cybersecurity News
CVE-2024-10392 (CVSS 9.8): Popular WordPress AI Plugin Exposed to Critical Security Risk
Website owners using the AI Power: Complete AI Pack plugin are urged to update to the latest version immediately to patch a critical vulnerability that could lead to complete site takeover.The flaw, t ...
-
Cybersecurity News
CVE-2024-43383: Critical Flaw in Apache Lucene.NET Exposes Users to Remote Code Execution
Developers using Apache Lucene.NET are urged to update their systems immediately following the discovery of a serious security flaw that could allow attackers to remotely execute malicious code.The vu ...