CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Synology Fixes Critical Vulnerabilities in Synology Photos and BeePhotos After Pwn2Own Exposure
Synology has released security updates to address critical vulnerabilities in Synology Photos and BeePhotos, its photo management applications for network-attached storage (NAS), and personal cloud st ...
-
Cybersecurity News
CVE-2022-45157 (CVSS 9.1): Critical Security Flaw in Rancher Exposes vSphere Credentials in Plaintext
Image: SUSEThe SUSE Rancher Security team has recently issued a high-severity advisory, CVE-2022-45157, warning users of a critical vulnerability affecting Rancher’s handling of vSphere’s Cloud Provid ...
-
Cybersecurity News
Researcher Details CVE-2024-38812 (CVSS 9.8): Critical RCE Flaw in VMware vCenter
The SonicWall Capture Labs Threat Research Team has published an in-depth analysis of CVE-2024-38812, a critical heap-overflow vulnerability found in VMware vCenter Server. This vulnerability affects ...
-
Cybersecurity News
WhatsUp Gold Users Beware: Critical Authentication Bypass Flaw Exposed – CVE-2024-7763 (CVSS 9.8)
Progress Software has disclosed a severe new vulnerability in its popular network monitoring solution, WhatsUp Gold, that exposes organizations to potential cyberattacks by allowing unauthorized acces ...
-
Cybersecurity News
Healthcare Under Fire: HeptaX Campaign Steals and Manipulates Sensitive Data
Infection chain | Image: CRILCyble Research and Intelligence Labs (CRIL) has recently uncovered a covert and sophisticated cyberespionage campaign dubbed “HeptaX,” which exploits Remote Desktop Protoc ...
-
TheCyberThrone
Siemens fixes Critical Vulnerability CVE-2024-47901
Siemens has released patches for multiple vulnerabilities in its InterMesh wireless alarm reporting system that could allow an unauthenticated, remote attacker to execute arbitrary code with root priv ...
-
InfoSec Write-ups
CVE-2024–25600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTY
Overview:The CVE-2024–25600 vulnerability is a high-severity flaw in the Bricks Builder plugin for WordPress, disclosed on February 26, 2024. It allows unauthenticated remote code execution (RCE), per ...
-
The Register
Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns
in brief Senate intelligence committee chair Mark Warner (D-VA) is demanding to know why, in the wake of the bust-up of a massive online Russian disinformation operation, the names of six US-based dom ...
-
BleepingComputer
Fog ransomware targets SonicWall VPNs to breach corporate networks
Fog and Akira ransomware operators are increasingly breaching corporate networks through SonicWall VPN accounts, with the threat actors believed to be exploiting CVE-2024-40766, a critical SSL VPN acc ...
-
Help Net Security
Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last cou ...