CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical SSRF Vulnerability Patched in LNbits Lightning Wallet Server
LNbits, the modular and extendable Lightning Network wallet server, has patched a critical Server-Side Request Forgery (SSRF) vulnerability that exposed internal services to potential exploitation via ...
-
Daily CyberSecurity
High-Severity XXE Vulnerability Found in NAKIVO Backup & Replication
A high-severity security vulnerability has been identified in NAKIVO Backup & Replication, a popular data protection solution. The vulnerability, classified as an XML External Entity (XXE) issue and t ...
-
Trend Micro
Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks
Summary: Trend Research identified that NVIDIA’s September 2024 security update for a critical vulnerability (CVE-2024-0132) in the NVIDIA Container Toolkit was incomplete, leaving systems potentially ...
-
The Register
April's Patch Tuesday leaves unlucky Windows Hello users unable to login
Updated Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using Windows Hello. The patch bundle released yesterday is g ...
-
Dark Reading
CrushFTP Exploitation Continues Amid Disclosure Dispute
Source: lumerb via Alamy Stock PhotoExploitation activity continues against a critical vulnerability in CrushFTP file transfer software, which has been mired in an ongoing disclosure dispute.On April ...
-
BleepingComputer
Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials
A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management (IA ...
-
BleepingComputer
Critical FortiSwitch flaw lets hackers change admin passwords remotely
Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. The company says Daniel Rozeboom of the ...
-
Daily CyberSecurity
Google Launches Cloud WAN for Secure, High-Performance Enterprise Networking
To address the expansive network transmission and coverage demands of enterprise and government institutions, Google has unveiled Cloud WAN at its Google NEXT 25 event—a fully managed, enterprise-grad ...
-
Cyber Security News
VMware Patches Multiple 47 Vulnerabilities VMware Tanzu Greenplum Backup & Components
VMware has released critical security updates to address 47 vulnerabilities across multiple VMware Tanzu Greenplum products, including 29 issues in VMware Tanzu Greenplum Backup and Restore and 18 bug ...
-
Cyber Security News
Windows Active Directory Domain Vulnerability Let Attackers Escalate Privileges
Microsoft has disclosed a significant security vulnerability in Active Directory Domain Services that could allow attackers to elevate their privileges to the system level, potentially gaining complet ...