CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Google Patches Actively Exploited Zero-Day in September Android Update
Google’s September 2024 Android security patch addresses 36 vulnerabilities, one of which has already been exploited in active targeted attacks. The zero-day flaw, tracked as CVE-2024-32896 (CVSS scor ...
-
Cybersecurity News
Researcher Identifies ToddyCat-Inspired APT Attack Leveraging ICMP Backdoor and Microsoft Exchange Flaws
Image: KasperskyCybersecurity researchers at Kaspersky’s Global Emergency Response Team (GERT) have uncovered a sophisticated attack involving an ICMP backdoor, bearing striking similarities to the ta ...
-
Dark Reading
North Korean APT Exploits Novel Chromium, Windows Bugs to Steal Crypto
Source: Piotr Malczyk via Alamy Stock PhotoA threat actor belonging to North Korean intelligence burned two novel vulnerabilities last month in an attempt to steal from the cryptocurrency industry.Mos ...
-
BleepingComputer
Zyxel warns of critical OS command injection flaw in routers
Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command injectio ...
-
BleepingComputer
D-Link says it is not fixing four RCE flaws in DIR-846W routers
D-Link is warning that four remote code execution (RCE) flaws impacting all hardware and firmware versions of its DIR-846W router will not be fixed as the products are no longer supported. The four RC ...
-
Darktrace
Lifting the Fog: Darktrace’s Investigation into Fog Ransomware
Cyber attacks on internet-facing systemsIn the first half of 2024, the Darktrace Threat Research team observed multiple campaigns of threat actors targeting vulnerabilities in internet-facing systems, ...
-
TheCyberThrone
VMware fixes CVE-2024-38811 in Fusion
VMware has released patch for a high-severity flaw that has been identified in VMware Fusion, that allow a malicious actor with standard user privileges to execute arbitrary code within the context o ...
-
The Cyber Express
CERT-IN Warns About Critical Vulnerabilities in Palo Alto Networks Applications
The Indian Computer Emergency Response Team (CERT-IN) has issued advisories regarding critical vulnerabilities affecting several Palo Alto Networks applications. These vulnerabilities could allow atta ...
-
The Hacker News
Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus
A hacktivist group known as Head Mare has been linked to cyber attacks that exclusively target organizations located in Russia and Belarus. "Head Mare uses more up-to-date methods for obtaining initia ...
-
Help Net Security
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel ...