CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
Single HTTP Request Can Exploit 6M WordPress Sites
Source: Primakov via ShutterstockA WordPress plug-in installed more than 6 million times is vulnerable to a cross-site scripting flaw (XSS) that allows attackers to escalate privileges and potentially ...
-
security.nl
'Nederland telt ruim tweehonderd Zimbra-mailservers met kritiek beveiligingslek'
Ruim tweehonderd Zimbra-mailservers in Nederland missen een beveiligingsupdate voor een op grote schaal aangevallen kritieke kwetsbaarheid, zo meldt The Shadowserver Foundation op basis van eigen onde ...
-
The Hacker News
Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications
Open Source / Software Security A critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitra ...
-
Cybersecurity News
Cacti Network Monitoring Tool Patches Security Flaws, Including RCE Vulnerability
Popular open-source network monitoring tool, Cacti, has released an urgent security update addressing multiple vulnerabilities, including a critical Remote Code Execution (RCE) flaw.The update, versio ...
-
Cybersecurity News
CSP Bypass: A New Open-Source Tool for Ethical Hackers to Overcome Content Security Policies
Renowned security researcher Renniepak, the founder of Hacker Hideout, has launched an open-source tool called CSP Bypass. This tool is designed to assist ethical hackers and security researchers in i ...
-
The Cyber Express
Apple Patches iOS Security Flaw That Could Reveal Saved Passwords
Apple has released new updates for iOS and iPadOS to fix two important security problems affecting many iPhone and iPad models. These Apple updates, now available as iOS 18.0.1 and iPadOS 18.0.1, fix ...
-
Cybersecurity News
MediaTek Patches Critical Vulnerabilities in Smartphone, Tablet, and IoT Chipsets
MediaTek, a leading semiconductor company, has issued an October 2024 Product Security Bulletin addressing critical vulnerabilities affecting a wide range of its chipsets, including those used in smar ...
-
Cybersecurity News
Privilege Escalation and Remote Code Execution Threaten Cisco Routers: No Updates Available
In a recent security advisory, Cisco revealed multiple vulnerabilities impacting its Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers, which could potentially expose busine ...
-
Cybersecurity News
Redis Patches for Multi Flaws, Including Potential RCE (CVE-2024-31449)
Redis, a popular open-source data structure store often used as a database, cache, and message broker, has urged users to update their installations immediately following the discovery of three new se ...
-
Cybersecurity News
CVE-2024-47191: Critical Flaw in OATH-Toolkit PAM Module Could Lead to Root Exploits
A serious vulnerability has been identified in the OATH-Toolkit’s PAM module, exposing systems to potential root-level exploits when handling one-time password (OTP) authentication. This issue, tracke ...