CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Inside China’s State-Sponsored Hacking Competitions: Talent Spotting and Global Outreach
Source: CTFWar.A new report by the Atlantic Council sheds light on China’s sophisticated and highly structured Capture the Flag (CTF) competition framework, which is helping the country become a globa ...
-
TheCyberThrone
CISA adds SharePoint vulnerability to its KEV Catalog
The US CISA has added Microsoft SharePoint vulnerability to its Known Exploited Vulnerability Catalog based on the evidence of active exploitationCVE-2024-38094 With a CVSS score of 7.2, Microsoft Sha ...
-
Trend Micro
Unmasking Prometei: A Deep Dive Into Our MXDR Findings
Cyber Threats How does Prometei insidiously operate in a compromised system? This Managed Extended Detection and Response investigation conducted with the help of Trend Vision One provides a comprehen ...
-
Dark Reading
Samsung Zero-Day Vuln Under Active Exploit, Google Warns
Source: B Christopher via Alamy Stock PhotoA zero-day vulnerability, tracked as CVE-2024-44068, has been discovered in Samsung's mobile processors and is being used in an exploit chain for arbitrary c ...
-
Dark Reading
OPA for Windows Vulnerability Exposes NTLM Hashes
Source: adison pangchai via ShutterstockOrganizations using Open Policy Agent (OPA) for Windows should consider updating to v0.68.0 or later to protect against an authentication hash leakage vulnerabi ...
-
DoublePulsar
Burning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPs
Yes, I’ve made a logo in crayon and named this FortiJump.Did you know there’s widespread exploitation of FortiNet products going on using a zero day, and that there’s no CVE? Now you do.I’ve even made ...
-
BleepingComputer
Exploit released for new Windows Server "WinReg" NTLM Relay attack
Proof-of-concept exploit code is now public for a vulnerability in Microsoft's Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the authenti ...
-
The Register
VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time
VMware has pushed a second patch for a critical, heap-overflow bug in the vCenter Server that could allow a remote attacker to fully compromise vulnerable systems after the first software update, issu ...
-
The Register
Akira ransomware is encrypting victims again following pure extortion fling
Experts believe the Akira ransomware operation is up to its old tricks again, encrypting victims' files after a break from the typical double extortion tactics. That's according to James Nutland and M ...
-
The Hacker News
Security Flaw in Styra's OPA Exposes NTLM Hashes to Remote Attackers
Vulnerability / Software Security Details have emerged about a now-patched security flaw in Styra's Open Policy Agent (OPA) that, if successfully exploited, could have led to leakage of New Technology ...