CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Windows-kwetsbaarheid sinds juni misbruikt voor installatie van rootkit
Aanvallers hebben sinds juni een kwetsbaarheid in Windows gebruikt voor de installatie van een rootkit, zo stelt securitybedrijf Gen Digital. Microsoft rolde vorige week dinsdag een beveiligingsupdate ... Read more
-
TheCyberThrone
CISA adds Jenkins bug CVE-2024-23897 to its KEV Catalog
The U.S. CISA added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.Jenkins has addressed the vulnerability tracked as CVE-2024 ... Read more
-
security.nl
VS waarschuwt voor Jenkins-lek gebruikt bij ransomware-aanvallen
Het cyberagentschap van de Amerikaanse overheid waarschuwt voor een kritieke path traversal-kwetsbaarheid in Jenkins die bij ransomware-aanvallen is ingezet. Jenkins is een open source automatiserings ... Read more
-
The Cyber Express
Critical Remote Code Execution Vulnerability Addressed in GiveWP Plugin
The GiveWP plugin, a widely used donation and fundraising tool for WordPress, has recently undergone a crucial update to address a severe security flaw. This GiveWP vulnerability, discovered by the re ... Read more
-
Cybersecurity News
Lazarus Group Exploits Microsoft Zero-Days CVE-2024-38193, Patch Urgently
Last week, Microsoft addressed multiple high-severity security vulnerabilities in its security updates, some of which have already been exploited by hackers. For instance, the CVE-2024-38193 (CVSS 7.8 ... Read more
-
The Hacker News
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
Vulnerability / Ransomware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, f ... Read more
-
Cyber Security News
PoC Exploit Released for Windows 0-Day Downgrade Attack
A proof-of-concept (PoC) exploit has been publicly released for a pair of critical zero-day vulnerabilities in Microsoft Windows that enable a novel “downgrade attack.” The flaws tracked as CVE-2024-3 ... Read more
-
BleepingComputer
Windows driver zero-day exploited by Lazarus hackers to install rootkit
Image: Midjourney The notorious North Korean Lazarus hacking group exploited a zero-day flaw in the Windows AFD.sys driver to elevate privileges and install the FUDModule rootkit on targeted systems. ... Read more
-
Cybersecurity News
PoC Exploit for Windows 0-Day Flaws CVE-2024-38202 and CVE-2024-21302 Released
Researchers have published the technical details and proof-of-concept (PoC) exploit code for two critical zero-day vulnerabilities in Windows, tracked as CVE-2024-38202 and CVE-2024-21302. These vulne ... Read more
-
Cybersecurity News
CVE-2024-5932 (CVSS 10): Critical RCE Vulnerability Impacts 100k+ WordPress Sites
A critical security flaw (CVE-2024-5932) in the popular GiveWP WordPress plugin has left over 100,000 websites vulnerable to remote code execution and unauthorized file deletion. This vulnerability, s ... Read more