CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Week in review: PostgreSQL databases under attack, new Chrome zero-day actively exploited
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: PostgreSQL databases under attack Poorly protected PostgreSQL databases running on Linux machines are ... Read more
-
TheCyberThrone
PoC Exploit for Microsoft bug CVE-2024-38054 released
Security researcher ‘Frost’ has released proof-of-concept exploit code for the high-severity vulnerability in the Kernel Streaming WOW Thunk Service Driver could enable local attackers to escalate pri ... Read more
-
seclists.org
Re: [SYSS-2024-038] DiCal-RED - Use of Password Hash Instead of Password for Authentication
Full Disclosure mailing list archives Re: [SYSS-2024-038] DiCal-RED - Use of Password Hash Instead of Password for Authentication From: Jeffrey Walton <noloader () gmail com> Date: Thu, 22 Aug 2024 18 ... Read more
-
seclists.org
SCHUTZWERK-SA-2024-004: Buffer overread in U-Boot DHCP
Full Disclosure mailing list archives SCHUTZWERK-SA-2024-004: Buffer overread in U-Boot DHCP From: David Brown via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 23 Aug 2024 13:46:12 +0200 ... Read more
-
TheCyberThrone
Velvet Ant APT exploits Cisco bug CVE-2024-20399
Security researchers discovered that the China-linked APT group Velvet Ant has exploited the recently disclosed zero-day CVE-2024-20399 in Cisco switches to take over the network devices.Last month, C ... Read more
-
The Hacker News
CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September
Vulnerability / Government Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) ca ... Read more
-
TheCyberThrone
SolarWinds fixes CVE-2024-28987 in WHD Product
SolarWinds has released an update to a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated attackers to gain unauthorized access to vulnerable instances.The v ... Read more
-
TheCyberThrone
Sonicwall fixes CVE-2024-40766 in SonicOS
SonicWall has released patch for a critical vulnerability affecting their SonicOS and could allow unauthorized access to SonicWall firewalls, potentially leading to a complete system compromise.The v ... Read more
-
Cybersecurity News
CVE-2024-39717: Versa Networks Director GUI Flaw Under Active Attack, CISA Issues Urgent Patching Directive
In a recent cybersecurity alert, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the active exploitation of a severe vulnerability identified as CVE-2024-39717. This f ... Read more
-
Cybersecurity News
ALBeast Vulnerability Exposes Thousands of AWS Applications to Critical AuthN/AuthZ Bypass
ALBeast attack demonstration | Image: MiggoA new configuration-based vulnerability, dubbed ALBeast, has been uncovered by Miggo Research, affecting a staggering number of applications relying on AWS A ... Read more