CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asia ...
-
Help Net Security
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)
Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633) ...
-
The Cyber Express
Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a security vulnerability affecting Apache OFBiz, the open-source enterprise resource planning (ERP) system. This Apache OFB ...
-
The Cyber Express
Critical WPML Plugin Flaw Exposes Millions of WordPress Sites to Remote Code Execution
A critical vulnerability has been discovered in the WPML (WordPress Multilingual) plugin, exposing millions of WordPress websites to potential Remote Code Execution (RCE) attacks. This WPML Plugin Fla ...
-
The Hacker News
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
Software Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource ...
-
TheCyberThrone
WordPress WPML Plugin Critical Vulnerability CVE-2024-6386
Researchers have uncovered a critical vulnerability in WPML multilingual CMS Plugin for WordPress that leads to a Remote Code Execution, which potentially allows the compromise of impacted websites.Th ...
-
The Hacker News
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
WordPress Security / Website Protection A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely un ...
-
Cybersecurity News
Cryptojacking Campaign Exploits Atlassian Confluence CVE-2023-22527 Vulnerability
Attack chain used in the second attack vectorTrend Micro researchers have uncovered a widespread cryptojacking campaign leveraging a critical vulnerability (CVE-2023-22527) in the Atlassian Confluence ...
-
Cybersecurity News
Intel SGX Security Compromised: Root Provisioning Key Extracted
Recently, researcher Mark Ermolov has successfully extracted Intel’s SGX Fuse Key0, also known as the Root Provisioning Key. This key, introduced with Intel’s Skylake processors, is a cornerstone of I ...
-
Cybersecurity News
CVE-2024-6633 (CVSS 9.8): Critical Flaw in Fortra FileCatalyst Workflow
Fortra, a prominent provider of enterprise file transfer solutions, has released an urgent security advisory highlighting two critical vulnerabilities within its FileCatalyst Workflow product. Designa ...