CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Iran's Pioneer Kitten hits US networks via buggy Check Point, Palo Alto gear
Iranian government-backed cybercriminals have been hacking into US and foreign networks as recently as this month to steal sensitive data and deploy ransomware, and they're breaking in via vulnerable ... Read more
-
BleepingComputer
Iranian hackers work with ransomware gangs to extort breached orgs
An Iran-based hacking group known as Pioneer Kitten is breaching defense, education, finance, and healthcare organizations across the United States and working with affiliates of several ransomware op ... Read more
-
BleepingComputer
Fortra fixes critical FileCatalyst Workflow hardcoded password issue
Fortra is warning of a critical hardcoded password flaw in FileCatalyst Workflow that could allow attackers unauthorized access to an internal database to steal data and gain administrator privileges. ... Read more
-
The Hacker News
Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
Vulnerability / Data Security Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, ... Read more
-
Zero Day Initiative
CVE-2024-37079: VMware vCenter Server Integer Underflow Code Execution Vulnerability
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Grigory Dorodnov and Guy Lederfein of the Trend Micro Research Team detail a recently patched code execution vulne ... Read more
-
Dark Reading
Hitachi Energy Vulnerabilities Plague SCADA Power Systems
Source: Panchenko Vladimir via ShutterstockHitachi Energy is urging customers of its MicroSCADA X SYS600 product for monitoring and controlling utility power systems to immediately upgrade to a newly ... Read more
-
The Hacker News
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
Cyber Attack / Vulnerability A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a ... Read more
-
cert.pl
Vulnerabilities in HyperView Geoportal Toolkit software
CVE ID CVE-2024-6449 Publication date 28 August 2024 Vendor HyperView Product Geoportal Toolkit Vulnerable versions All through 8.2.4 Vulnerability type (CWE) Permissive Cross-domain Policy with Untru ... Read more
-
security.nl
Apache OFBiz ERP-systemen opnieuw doelwit van aanvallen
Apache OFBiz ERP-systemen zijn opnieuw het doelwit van aanvallen, zo waarschuwt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie van Homeland Security. OFBiz ... Read more
-
cert.pl
Vulnerability in ConnX ESP HR Management software
CVE ID CVE-2024-7269 Publication date 28 August 2024 Vendor ConnX Product ESP HR Management Vulnerable versions All before 6.6 Vulnerability type (CWE) Improper Neutralization of Input During Web Page ... Read more