CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in Stackposts Social Marketing Tool software
CVE ID CVE-2024-7127 Publication date 30 July 2024 Vendor Stackposts Product Social Marketing Tool Vulnerable versions All Vulnerability type (CWE) Improper Neutralization of Input During Web Page Gen ...
-
Cyber Security News
New MOVEit File Transfer Vulnerability Let Attackers Escalate Privileges
Progress Software has disclosed a new high-severity vulnerability in its MOVEit Transfer file transfer solution that could allow attackers to escalate privileges through improper authentication. The v ...
-
Help Net Security
VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)
Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to ...
-
The Hacker News
VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated permissions and deploy file-encrypting malware. The attac ...
-
Cyber Security News
Ransomware Gangs Exploiting VMware ESXi Auth Bypass Flaw for Mass Attacks
Microsoft researchers have found a critical vulnerability in VMware’s ESXi hypervisors. Ransomware operators are using this problem to attack systems. This vulnerability, CVE-2024-37085, allows threat ...
-
seclists.org
Bunch of IoT CVEs
Full Disclosure mailing list archives From: Willem Westerhof | Secura <Willem.Westerhof () secura com> Date: Fri, 26 Jul 2024 13:11:06 +0000 Hi all, A list of CVE’s in a bunch of IoT devices that neve ...
-
The Cyber Express
Ransomware Actors Exploit VMware ESXi Hypervisor Bug: Microsoft
Microsoft researchers have observed multiple ransomware operators exploiting a recently patched vulnerability in ESXi hypervisors to gain full administrative control over domain-joined ESXi servers. T ...
-
Ars Technica
Hackers exploit VMware vulnerability that gives them hypervisor admin
AUTHENTICATION NOT REQUIRED — Create new group called "ESX Admins" and ESXi automatically gives it admin rights. Getty Images Microsoft is urging users of VMware’s ESXi hypervisor to take immediate ...
-
The Cyber Express
Weekly Vulnerability Report: Cyble Urges Fixes in SolarWinds, Cisco, Ivanti & Microsoft
Cyble Research & Intelligence Labs (CRIL) researchers have analyzed more than 100 security vulnerabilities in the last two weeks, with flaws in IT products from SolarWinds, Cisco, Ivanti, Microsoft, E ...
-
The Hacker News
Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild
Enterprise Security / Data Protection Cybersecurity company Acronis is warning that a now-patched critical security flaw impacting its Cyber Infrastructure (ACI) product has been exploited in the wild ...