CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
US Sanctions Chinese Cybersecurity Firm for Firewall Exploit, Ransomware Attacks
SUMMARY Sanctions on Chinese Firm: The US sanctioned Sichuan Silence Information Technology and employee Guan Tianfeng for exploiting a firewall vulnerability in a major global cyberattack. Global Imp ...
-
BleepingComputer
Cleo patches critical zero-day exploited in data theft attacks
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. In October, the company patched a pre-auth remote co ...
-
Help Net Security
Cleo patches zero-day exploited by ransomware gang
Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. ...
-
TheCyberThrone
Splunk addresses CVE-2024-53247 in Secure Gateway
A critical vulnerability identified has been discovered in the Splunk Secure Gateway app, affecting various versions of Splunk Enterprise and the Splunk Cloud Platform.The vulnerability tracked as CVE ...
-
The Register
Apache issues patches for critical Struts 2 RCE bug
We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE. According to the National ...
-
The Hacker News
Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS
Vulnerability / Device Security Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and ...
-
The Hacker News
WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins
Website Security / Vulnerability Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a v ...
-
security.nl
Beveiligingslek in macOS maakt remote code execution mogelijk
Een beveiligingslek in macOS maakt het voor een remote aanvaller mogelijk om code op systemen uit te voeren. Apple heeft beveiligingsupdates uitgebracht om het probleem te verhelpen. Apple kwam gister ...
-
TheCyberThrone
Ivanti fixes critical vulnerabilities in CSA
Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities, tracked as CVE-2024-11639, CVE-2024-11772, and CVE ...
-
Cybersecurity News
CVE-2024-53677 (CVSS 9.5): Critical Vulnerability in Apache Struts Allows Remote Code Execution
Developers using the popular Apache Struts framework are urged to update their systems immediately following the discovery of a critical security flaw (CVE-2024-53677, CVSS 9.5) that could allow attac ...