CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Google: 70% of exploited flaws disclosed in 2023 were zero-days
Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. Specifically, of the 138 ...
-
The Register
Critical default credential bug in Kubernetes Image Builder allows SSH root access
A critical bug in Kubernetes Image Builder could allow unauthorized SSH access to virtual machines (VMs) thanks to default credentials being enabled during the image build process. Image Builder is a ...
-
The Register
SolarWinds critical hardcoded credential bug under active exploit
A critical, hardcoded login credential in SolarWinds' Web Help Desk line has been exploited in the wild by criminals, according to the US Cybersecurity and Infrastructure Security Agency, which has ad ...
-
BleepingComputer
SolarWinds Web Help Desk flaw is now exploited in attacks
CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late ...
-
Dark Reading
Hybrid Work Exposes New Vulnerabilities in Print Security
Source: Magnetic Mcc via ShutterstockThe shift to hybrid work models has exposed new vulnerabilities in corporate print infrastructure and heightened security risks at many organizations.The risks run ...
-
BleepingComputer
Critical Kubernetes Image Builder flaw gives SSH root access to VMs
A critical vulnerability in Kubernetes could allow unauthorized SSH access to a virtual machine running an image created with the Kubernetes Image Builder project. Kubernetes is an open-source platfor ...
-
TheCyberThrone
Google Chrome Version 130 Released
Google has released the new version of its Chrome browser and fixes around 17 vulnerabilities ranging between high and medium and low.High Severity CVE-2024-9954: Use after free in AI.Medium Severity ...
-
security.nl
Besmette advertenties gebruikten IE-lek voor 'zero-click' malware-infectie
Aanvallers hebben recentelijk besmette advertenties gebruikt om Windowsgebruikers zonder enige interactie met malware te infecteren. Daarbij werd gebruikgemaakt van een kwetsbaarheid in Internet Explo ...
-
BleepingComputer
Malicious ads exploited Internet Explorer zero day to drop malware
The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with the RokRAT malware and exfiltrate data. ScarCruft ...
-
Krypt3ia
Threat Actor Profile: TA-RedAnt
Overview: Aliases: No known aliases Country of Origin: Likely from East Asia (speculated), with no firm attribution yet. Motivation: Primarily espionage and financially motivated attacks, potentially ...