CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
Hitachi Energy Vulnerabilities Plague SCADA Power Systems
Source: Panchenko Vladimir via ShutterstockHitachi Energy is urging customers of its MicroSCADA X SYS600 product for monitoring and controlling utility power systems to immediately upgrade to a newly ...
-
The Hacker News
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
Cyber Attack / Vulnerability A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a ...
-
cert.pl
Vulnerabilities in HyperView Geoportal Toolkit software
CVE ID CVE-2024-6449 Publication date 28 August 2024 Vendor HyperView Product Geoportal Toolkit Vulnerable versions All through 8.2.4 Vulnerability type (CWE) Permissive Cross-domain Policy with Untru ...
-
security.nl
Apache OFBiz ERP-systemen opnieuw doelwit van aanvallen
Apache OFBiz ERP-systemen zijn opnieuw het doelwit van aanvallen, zo waarschuwt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministerie van Homeland Security. OFBiz ...
-
cert.pl
Vulnerability in ConnX ESP HR Management software
CVE ID CVE-2024-7269 Publication date 28 August 2024 Vendor ConnX Product ESP HR Management Vulnerable versions All before 6.6 Vulnerability type (CWE) Improper Neutralization of Input During Web Page ...
-
The Hacker News
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerabl ...
-
Help Net Security
BlackByte affiliates use new encryptor and new TTPs
BlackByte, the ransomware-as-a-service gang believed to be one of Conti’s splinter groups, has (once again) created a new iteration of its encryptor. “Talos observed some differences in the recent Bla ...
-
Dark Reading
Hundreds of LLM Servers Expose Corporate, Health & Other Online Data
Source: AddMeshCube via Alamy Stock PhotoHundreds of open source large language model (LLM) builder servers and dozens of vector databases are leaking highly sensitive information to the open Web.As c ...
-
Cybersecurity News
ESET Uncovers Zero-Day Vulnerabilities in WPS Office, Exploited by APT-C-60
Overview of the exploit’s control flow | Image: ESETESET researchers have identified two severe vulnerabilities in WPS Office for Windows, widely exploited by the APT-C-60 cyberespionage group, which ...
-
Help Net Security
APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)
ESET researchers discovered a remote code execution vulnerability in WPS Office for Windows (CVE-2024-7262). APT-C-60, a South Korea-aligned cyberespionage group, was exploiting it to target East Asia ...