CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Google fixes Android kernel zero-day exploited in targeted attacks
Image: MidjourneyAndroid security updates this month patch 46 vulnerabilities, including a high-severity remote code execution (RCE) exploited in targeted attacks. The zero-day, tracked as CVE-2024-36 ... Read more
-
Dark Reading
20K Ubiquiti IoT Cameras & Routers Are Sitting Ducks for Hackers
Source: Nirbokphoto.com via Alamy Stock PhotoTens of thousands of small office/home office (SOHO) devices sold by Ubiquiti Inc. are vulnerable on the open Internet to a five-year-old bug, researchers ... Read more
-
Dark Reading
Critical Apache OfBiz Vulnerability Allows Preauth RCE
Brian Jackson via Alamy Stock PhotoA critical pre-authentication remote code execution (RCE) security vulnerability in Apache OFBiz could open organizations to data theft, lateral movement by threat a ... Read more
-
TheCyberThrone
Apache OFBiz fixes CVE-2024-38856
Apache OFBiz has released an urgent security advisory due to the potential for unauthorized code execution.The vulnerability tracked as CVE-2024-38856 stems into an incorrect authorization handling wi ... Read more
-
Help Net Security
Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)
CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulner ... Read more
-
Dark Reading
Russia's 'Fighting Ursa' APT Uses Car Ads to Install HeadLace Malware
Source: Uwe Deffner via Alamy Stock PhotoA prolific Russian threat actor known as Fighting Ursa is targeting diplomats through a used-car sale email scheme that then distributes HeadLace backdoor malw ... Read more
-
Cyber Security News
APT41 Hackers Attacking Research Institute with ShadowPad and Cobalt Strike
Cisco Talos has unearthed a sophisticated cyber-espionage campaign targeting a Taiwanese government-affiliated research institute. The attack, attributed to the notorious Chinese hacking group APT41, ... Read more
-
The Cyber Express
Immediate Action Required: Critical Apache InLong Vulnerability Exploitable
The Apache InLong project, a widely used data integration framework designed for managing large-scale data streams, has issued an urgent security advisory regarding a critical vulnerability in its Tub ... Read more
-
Cyber Security News
Rockwell Automation Devices Flaw Let Hackers Gain Unauthorized Access
A critical security vulnerability in Rockwell Automation’s ControlLogix and GuardLogix controllers has been discovered. This vulnerability could potentially allow attackers to bypass security measures ... Read more
-
Cyber Security News
Leaked Wallpaper Exploit Let Attackers Escalate Privilege on Windows Systems
A critical security flaw in Windows’ wallpaper handling mechanism has been uncovered. It allows attackers to gain system-level privileges on affected machines. Security researcher Andrea Pierini discl ... Read more