CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
CISA warns of Jenkins RCE bug exploited in ransomware attacks
CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it's actively exploited in attacks. Jenkins is a wide ... Read more
-
The Register
Multiple flaws in Microsoft macOS apps unpatched despite potential risks
Cisco Talos says eight vulnerabilities in Microsoft's macOS apps could be abused by nefarious types to record video and sound from a user's device, access sensitive data, log user input, and escalate ... Read more
-
cloudsecurityalliance.org
Return of the RCE: Addressing the regreSSHion Vulnerability – CVE-2024-6378
Originally published by Pentera. A Regrettable Resurgence On July 1, 2024, the Qualys Threat Research Unit (TRU) published their discovery of an unauthenticated remote code execution (RCE) vulnerabili ... Read more
-
TheCyberThrone
PoC for IvantiTM vulnerability CVE-2024-7593 released
To limit the exploitability of this vulnerability, Ivanti recommends limiting Admin Access to the Management Interface internal to the network through the private / corporate network.The researchers a ... Read more
-
Cyber Security News
New Kubernetes Vulnerability Allows Attackers to Access Clusters Remotely
A critical vulnerability tracked as CVE-2024-7646, has been uncovered in the widely used ingress-nginx Kubernetes controller. The flaw allows attackers to bypass annotation validation, poses a signifi ... Read more
-
Cyber Security News
Microsoft macOS Apps Vulnerability Allows Hackers to Record Audio/Video
Cisco Talos has identified eight security vulnerabilities in Microsoft applications running on the macOS operating system, raising concerns about potential exploitation by adversaries. These vulnerabi ... Read more
-
Cyber Security News
Windows Secure Channel RCE Vulnerability Let Attackers Inject Malicious Files Remotely
A recent analysis of a security vulnerability in Microsoft’s Secure Channel revealed a critical flaw that could be exploited for remote code execution. The vulnerability was initially identified as an ... Read more
-
Cyber Security News
Linux Kernal Vulnerability Let Attackers Bypass CPU & Write on Memory
Researchers uncovered a vulnerability in the Linux kernel’s dmam_free_coherent() function, which stems from a race condition caused by the improper order of operations when freeing DMA (Direct Memory ... Read more
-
Cybersecurity News
HookChain: The Technique That Bypass Exposes EDR in 94% of Security Solutions
Image Credit: M4v3r1ckIn an ever-evolving cybersecurity landscape, where threats are becoming more sophisticated by the day, the focus on Endpoint Detection and Response (EDR) systems has never been m ... Read more
-
The Hacker News
Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group
A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as CV ... Read more