CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Urgent Security Update: Guix System Patches Critical Vulnerability
A critical security vulnerability has been discovered in the widely-used Guix system, particularly affecting the guix-daemon. This flaw could allow local users to escalate privileges, potentially tamp ...
-
Cybersecurity News
Virtual Hard Drives: The New Bypass for Secure Email Gateways and Antivirus Scanners
XWorm execution flow | Image: Netskope Threat LabsIn a recent report by Kahng An, part of the Cofense Intelligence Team, a critical vulnerability in the detection capabilities of Secure Email Gateways ...
-
Cybersecurity News
Hardcoded Cloud Credentials Found in Popular Mobile Apps: A Major Security Flaw
In a recent report by Symantec, a critical security issue has been uncovered in several widely-used mobile applications across both Android and iOS platforms. These apps have been found to contain har ...
-
Cybersecurity News
Cryptojacking Alert: Hackers Exploit gRPC and HTTP/2 to Deploy Miners
Attack chain | Image: Trend MicroTrend Micro researchers have uncovered a new and unconventional method used by cybercriminals to deploy the SRBMiner cryptominer on Docker remote API servers. This att ...
-
Cybersecurity News
Inside China’s State-Sponsored Hacking Competitions: Talent Spotting and Global Outreach
Source: CTFWar.A new report by the Atlantic Council sheds light on China’s sophisticated and highly structured Capture the Flag (CTF) competition framework, which is helping the country become a globa ...
-
TheCyberThrone
CISA adds SharePoint vulnerability to its KEV Catalog
The US CISA has added Microsoft SharePoint vulnerability to its Known Exploited Vulnerability Catalog based on the evidence of active exploitationCVE-2024-38094 With a CVSS score of 7.2, Microsoft Sha ...
-
Trend Micro
Unmasking Prometei: A Deep Dive Into Our MXDR Findings
Cyber Threats How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehen ...
-
Dark Reading
Samsung Zero-Day Vuln Under Active Exploit, Google Warns
Source: B Christopher via Alamy Stock PhotoA zero-day vulnerability, tracked as CVE-2024-44068, has been discovered in Samsung's mobile processors and is being used in an exploit chain for arbitrary c ...
-
Dark Reading
OPA for Windows Vulnerability Exposes NTLM Hashes
Source: adison pangchai via ShutterstockOrganizations using Open Policy Agent (OPA) for Windows should consider updating to v0.68.0 or later to protect against an authentication hash leakage vulnerabi ...
-
DoublePulsar
Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
Yes, I’ve made a logo in crayon and named this FortiJump.Did you know there’s widespread exploitation of FortiNet products going on using a zero day, and that there’s no CVE? Now you do.I’ve even made ...