CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
Hundreds of LLM Servers Expose Corporate, Health & Other Online Data
Source: AddMeshCube via Alamy Stock PhotoHundreds of open source large language model (LLM) builder servers and dozens of vector databases are leaking highly sensitive information to the open Web.As c ...
-
Cybersecurity News
ESET Uncovers Zero-Day Vulnerabilities in WPS Office, Exploited by APT-C-60
Overview of the exploit’s control flow | Image: ESETESET researchers have identified two severe vulnerabilities in WPS Office for Windows, widely exploited by the APT-C-60 cyberespionage group, which ...
-
Help Net Security
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asia ...
-
Help Net Security
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)
Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633) ...
-
The Cyber Express
Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has flagged a security vulnerability affecting Apache OFBiz, the open-source enterprise resource planning (ERP) system. This Apache OFB ...
-
The Cyber Express
Critical WPML Plugin Flaw Exposes Millions of WordPress Sites to Remote Code Execution
A critical vulnerability has been discovered in the WPML (WordPress Multilingual) plugin, exposing millions of WordPress websites to potential Remote Code Execution (RCE) attacks. This WPML Plugin Fla ...
-
The Hacker News
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
Software Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource ...
-
TheCyberThrone
WordPress WPML Plugin Critical Vulnerability CVE-2024-6386
Researchers have uncovered a critical vulnerability in WPML multilingual CMS Plugin for WordPress that leads to a Remote Code Execution, which potentially allows the compromise of impacted websites.Th ...
-
The Hacker News
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
WordPress Security / Website Protection A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely un ...
-
Cybersecurity News
Cryptojacking Campaign Exploits Atlassian Confluence CVE-2023-22527 Vulnerability
Attack chain used in the second attack vectorTrend Micro researchers have uncovered a widespread cryptojacking campaign leveraging a critical vulnerability (CVE-2023-22527) in the Atlassian Confluence ...