CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Windows Zero-day Flaw Let Hackers Downgrade Fully Updated Systems to Old Vulnerabilities
Every software and operating system vendor has been implementing security measures to protect their products. This is because threat actors require a lot of time to find a zero-day but less time to fi ... Read more
-
The Hacker News
Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now
Vulnerability / Network Security A critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move quickly to apply the late ... Read more
-
The Register
Your victim's Windows PC fully patched? Just force undo its updates and exploit away
Black Hat Techniques to forcibly remove security patches from Windows machines so that fixed vulnerabilities are exploitable again were demonstrated this week. These methods are a handy means for rogu ... Read more
-
Cybersecurity News
PoC Exploit Released for Apache OFBiz Remote Code Execution Flaw (CVE-2024-38856)
Today, cybersecurity researcher Zeyad Azima from SecureLayer7 and Youssef Muhammad have published a proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-38856) in the Apache OFBi ... Read more
-
Cybersecurity News
Zero-Day Vulnerability: 18 Years of Exploiting the ‘0.0.0.0’ Flaw
A study revealed a hidden vulnerability that has plagued the world’s largest browsers for 18 years, leaving private and corporate networks susceptible to cyberattacks. Researchers from Oligo Security ... Read more
-
Cybersecurity News
CVE-2024-21302, CVE-2024-38202: Zero-Day Vulnerabilities Expose Windows Systems to “Unpatching” Attacks
At Black Hat 2024, security researcher Alon Leviev from SafeBreach security researcher unveiled two zero-day vulnerabilities (CVE-2024-21302, CVE-2024-38202) that could be exploited to reverse patches ... Read more
-
Cybersecurity News
Cisco Small Business IP Phones Affected by Critical Vulnerabilities, No Patch!
In a recent security advisory, Cisco disclosed multiple critical vulnerabilities affecting their Small Business SPA300 and SPA500 Series IP Phones. These vulnerabilities, identified as CVE-2024-20450, ... Read more
-
Cybersecurity News
Apache CloudStack Releases Critical Patches (CVE-2024-42062 and CVE-2024-42222)
The Apache CloudStack project has issued an urgent security advisory, urging users to update their software immediately to address two critical vulnerabilities, CVE-2024-42062 and CVE-2024-42222. Thes ... Read more
-
seclists.org
KL-001-2024-010: Journyx Unauthenticated XML External Entities Injection
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:54:52 -0500 KL-001-2024-010: Journyx Unauthenticated XML ... Read more
-
seclists.org
KL-001-2024-009: Journyx Reflected Cross Site Scripting
Full Disclosure mailing list archives KL-001-2024-009: Journyx Reflected Cross Site Scripting From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 Aug 2024 18:5 ... Read more