CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CISA adds Apple vulnerability CVE-2025-24085 to KEV Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2025-24085 Apple Multiple Products Use-After-Free VulnerabilityCVE-202 ...
-
seclists.org
Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449
Full Disclosure mailing list archives From: Shaikh Shahnawaz <sshahnawaz99910 () gmail com> Date: Tue, 28 Jan 2025 13:43:53 +0400 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defens ...
-
BleepingComputer
New Aquabotv3 botnet malware targets Mitel command injection flaw
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. The activity was discovered by Akam ...
-
Dark Reading
PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next?
Source: Mashka via ShutterstockThe 2021 PrintNightmare vulnerability exposed multiple deep-rooted security flaws in Microsoft's Print Spooler service, a core Windows component. The flaws, which had pe ...
-
Dark Reading
Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers
Source: Timon Schneider via Alamy Stock PhotoNEWS BRIEFA command-injection vulnerability in Zyxel CPE Series devices is being targeted by threat actors, and there's no patch available.The bug, tracked ...
-
BleepingComputer
Laravel admin package Voyager vulnerable to one-click RCE flaw
Three vulnerabilities discovered in the open-source PHP package Voyager for managing Laravel applications could be used for remote code execution attacks. The issues remain unfixed and can be exploite ...
-
Dark Reading
Mirai Variant ‘Aquabot’ Exploits Mitel Device Flaws
Source: Kirill Ivanov via Alamy Stock PhotoYet another Mirai botnet variant is making the rounds, this time offering distributed denial-of-service (DDoS) as-a-service by exploiting flaws in Mitel SIP ...
-
security.nl
'Zyxel CPE-apparaten bevatten actief misbruikt beveiligingslek'
Vijftienhonderd Zyxel CPE (customer-provided equipment) apparaten die vanaf het internet toegankelijk bevatten een actief misbruikt beveiligingslek en een update is niet beschikbaar. Dat laat security ...
-
Help Net Security
Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891)
CVE-2024-40891, a command injection vulnerability in Zyxel CPE Series telecommunications devices that has yet to be fixed by the manufacturer, is being targeted by attackers, cybersecurity company Gre ...
-
The Register
Why is my Mitel phone DDoSing strangers? Oh, it was roped into a new Mirai botnet
A new variant of the Mirai-based malware Aquabot is actively exploiting a vulnerability in Mitel phones to build a remote-controlled botnet, according to Akamai's Security Intelligence and Response Te ...