CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Spring Framework Vulnerability CVE-2024-38816 fixed
A high severity vulnerability has been discovered in the Spring Framework, that allows attackers to gain unauthorized access to sensitive files on the server, posing a significant risk of data breache ...
-
Help Net Security
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain re ...
-
Cybersecurity News
Multiple Critical Vulnerabilities Found in D-Link WiFi Routers: Immediate Firmware Updates Advised
Multiple critical vulnerabilities in D-Link routers have been disclosed, potentially affecting millions of users worldwide. TWCERT/CC, Taiwan’s cybersecurity agency, has issued urgent advisories, urgi ...
-
security.nl
D-Link wifi-routers via kritieke kwetsbaarheden op afstand over te nemen
Kritieke kwetsbaarheden maken het mogelijk om verschillende type wifi-routers van fabrikant D-Link op afstand over te nemen. Het gaat onder andere om een 'verborgen functie' waardoor Telnet wordt inge ...
-
security.nl
Microsoft bevestigt alsnog actief misbruik van Windows MSHTML-spoofinglek
Een kwetsbaarheid in Windows waarvoor Microsoft vorige week een beveiligingsupdate uitbracht werd voor het uitkomen van de patch actief misbruikt, zo heeft techbedrijf alsnog bevestigd. In eerste inst ...
-
The Register
23andMe settles class-action breach lawsuit for $30 million
Infosec In Brief Genetic testing outfit 23andMe has settled a proposed class action case related to a 2023 data breach for $30 million. Documents [PDF] filed in a San Francisco federal court last Thur ...
-
Cybersecurity News
New Zero-Day Emerges After Microsoft Patch Tuesday: CVE-2024-43461 Targets Windows MSHTML
IE and a promote window dialog appear when the victim double-clicks on the .url file | Image: Check PointIn an unexpected turn of events, Microsoft has revised its September 2024 Patch Tuesday securit ...
-
Cybersecurity News
CVE-2024-38816: Spring Framework Path Traversal Vulnerability Threatens Millions
A serious security vulnerability, identified as CVE-2024-38816 (CVSS 7.5), has been discovered in the popular Spring Framework, potentially affecting millions of Java applications worldwide. This path ...
-
Cybersecurity News
PoC Exploit Released for Ivanti EPM Flaw CVE-2024-29847 (CVSS 10)
Image: Horizon3.aiSecurity researcher James Horseman from Horizon3.ai has disclosed the technical details and a proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-29847) in Iva ...
-
Cybersecurity News
Ajina.Banker: Unmasking the Android Malware Targeting Central Asian Banks
Screenshot of the sample found on the VirusTotal platformCybersecurity analysts at Group-IB have uncovered a sophisticated malware campaign targeting bank customers in Central Asia. Dubbed “Ajina.Bank ...