CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
Vulnerability / Cyber Attack A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop so ...
-
The Hacker News
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the ...
-
Cybersecurity News
CVE-2024-12727 and More: Sophos Issues Urgent Firewall Security Update
Sophos has announced the resolution of three critical security vulnerabilities affecting its Sophos Firewall product, a widely used network security tool. These vulnerabilities, tracked as CVE-2024-12 ...
-
Cybersecurity News
PoC Exploit Released for Databricks Remote Code Execution Vulnerability CVE-2024-49194
A newly discovered vulnerability in the Databricks JDBC Driver (CVE-2024-49194) could allow attackers to remotely execute code on vulnerable systems. The flaw, found by security researchers at Alibaba ...
-
Cybersecurity News
CVE-2024-49576 and CVE-2024-47810: Foxit Addresses Remote Code Execution Flaws
Foxit has released a crucial security update for its widely used Foxit PDF Reader and Foxit PDF Editor. The update, version 2024.4, resolves multiple vulnerabilities that pose significant risks, inclu ...
-
Cybersecurity News
CVE-2024-49775 (CVSS 9.8): Critical Vulnerability in Siemens UMC Exposes Systems to Remote Exploitation
Siemens has disclosed a critical heap-based buffer overflow vulnerability (CVE-2024-49775) in its User Management Component (UMC), a core element integrated into several of its products. If exploited, ...
-
Cybersecurity News
cShell DDoS Bot Exploits Poorly Managed Linux SSH Servers
AhnLab Security Intelligence Center (ASEC) has uncovered a new strain of DDoS malware called cShell, which specifically targets poorly managed Linux SSH servers. The malware exploits weak credentials ...
-
Cybersecurity News
Earth Koshchei’s Rogue RDP Campaign: A Sophisticated APT Attack Targets Governments and Enterprises
Trend Micro has unveiled a large-scale rogue remote desktop protocol (RDP) campaign conducted by the threat group Earth Koshchei. Known for their espionage operations, Earth Koshchei leveraged spear-p ...
-
TheCyberThrone
CISA adds BeyondTrust CVE-2024-12356 to its KEV Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2024-12356: Command Injection Vulnerability in BeyondTrust PRA and RSO ...
-
Dark Reading
Fortinet Addresses Unpatched Critical RCE Vector
Source: Konstantin Nechaev via Alamy Stock PhotoNEWS BRIEFFortinet has finally patched a critical security vulnerability in its Wireless LAN Manager (FortiWLM) that could allow unauthenticated sensiti ...