CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
VS waarschuwt voor Jenkins-lek gebruikt bij ransomware-aanvallen
Het cyberagentschap van de Amerikaanse overheid waarschuwt voor een kritieke path traversal-kwetsbaarheid in Jenkins die bij ransomware-aanvallen is ingezet. Jenkins is een open source automatiserings ... Read more
-
The Cyber Express
Critical Remote Code Execution Vulnerability Addressed in GiveWP Plugin
The GiveWP plugin, a widely used donation and fundraising tool for WordPress, has recently undergone a crucial update to address a severe security flaw. This GiveWP vulnerability, discovered by the re ... Read more
-
Cybersecurity News
Lazarus Group Exploits Microsoft Zero-Days CVE-2024-38193, Patch Urgently
Last week, Microsoft addressed multiple high-severity security vulnerabilities in its security updates, some of which have already been exploited by hackers. For instance, the CVE-2024-38193 (CVSS 7.8 ... Read more
-
The Hacker News
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
Vulnerability / Ransomware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, f ... Read more
-
Cyber Security News
PoC Exploit Released for Windows 0-Day Downgrade Attack
A proof-of-concept (PoC) exploit has been publicly released for a pair of critical zero-day vulnerabilities in Microsoft Windows that enable a novel “downgrade attack.” The flaws tracked as CVE-2024-3 ... Read more
-
BleepingComputer
Windows driver zero-day exploited by Lazarus hackers to install rootkit
Image: Midjourney The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. ... Read more
-
Cybersecurity News
PoC Exploit for Windows 0-Day Flaws CVE-2024-38202 and CVE-2024-21302 Released
Researchers have published the technical details and proof-of-concept (PoC) exploit code for two critical zero-day vulnerabilities in Windows, tracked as CVE-2024-38202 and CVE-2024-21302. These vulne ... Read more
-
Cybersecurity News
CVE-2024-5932 (CVSS 10): Critical RCE Vulnerability Impacts 100k+ WordPress Sites
A critical security flaw (CVE-2024-5932) in the popular GiveWP WordPress plugin has left over 100,000 websites vulnerable to remote code execution and unauthorized file deletion. This vulnerability, s ... Read more
-
Cybersecurity News
F5 Issues Security Advisories for NGINX Plus (CVE-2024-39792) & BIG-IP Next Central Manager (CVE-2024-39809)
F5, a prominent provider of application delivery and security solutions, has recently released security advisories addressing vulnerabilities in two of its products: NGINX Plus and BIG-IP Next Central ... Read more
-
Cybersecurity News
PrestaShop Websites Under Attack: GTAG Websocket Skimmer Steals Credit Card Data
Security researchers at Sucuri have discovered a new credit card skimmer exploiting a vulnerability in PrestaShop websites. This sophisticated attack uses a WebSocket connection to pilfer sensitive cu ... Read more