CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Google Cloud
UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks
Written by: Stav Shulman, Matan Mimran, Sarah Bock, Mark Lechtik Executive Summary UNC1860 is a persistent and opportunistic Iranian state-sponsored threat actor that is likely affiliated with Iran’s ...
-
Help Net Security
Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)
Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow at ...
-
The Cyber Express
5 New Vulnerabilities Added to CISA’s Known Exploited List: Urgent Action Required
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting the continued threat that these securit ...
-
security.nl
CISA: kritiek lek in Apache HugeGraph-servers actief aangevallen
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Apache HugeGraph Server waarvoor in april een beveiligingsupdate verscheen. Dat laat het Cybersecurity and Infrastructure Security Ag ...
-
Cybersecurity News
Sophisticated Cyber Espionage: Earth Baxia Uses CVE-2024-36401 and Cobalt Strike to Infiltrate APAC
Overview of the attack chain | Image: Trend MicroIn a recent report from Trend Micro, the cyber espionage group Earth Baxia has been identified targeting government organizations in Taiwan and potenti ...
-
The Hacker News
GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions
Enterprise Security / DevOps GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vuln ...
-
TheCyberThrone
Microsoft Kernel Vulnerability CVE-2024-37985 exploited
Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in the wild.This vulnerability, first released on July 9, 2024, and last updated on September ...
-
Cybersecurity News
Researchers Detail CVE-2024-38014 0-Day Vulnerability in Windows MSI Installers Exploited in the Wild
A patched zero-day vulnerability (CVE-2024-38014) affecting Microsoft Windows MSI installers has been discovered and exploited in the wild, according to an analysis by security researcher Michael Baer ...
-
Cybersecurity News
Next.js Vulnerability CVE-2024-46982: Cache Poisoning Exploit Threatens Deployments
In the fast-paced world of web development, security is a constant concern, especially for platforms that power high-traffic applications like Next.js. Recently, the Next.js team has disclosed a new v ...
-
Cybersecurity News
PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability
Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently uncovered zero-day vulnerability, CVE-2024-7965, in the V8 JavaScript engine. Analyzed by experts at BI ...