CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-20432 (CVSS 9.9): Cisco Nexus Dashboard Fabric Controller Exposed to RCE
Cisco has issued a security advisory addressing a critical vulnerability (CVE-2024-20432) in its Nexus Dashboard Fabric Controller (NDFC). This flaw, which carries a severity rating of 9.9 out of 10 o ... Read more
-
Cybersecurity News
CUPS Exploit Turns Common Devices into DDoS Weapons
In a recent revelation, researchers at Akamai have identified a new attack vector exploiting vulnerabilities in the Common Unix Printing System (CUPS). This discovery highlights how everyday devices, ... Read more
-
TheCyberThrone
CISA adds CVE-2024-29824 to its KEV Catalog
The US CISA has added Ivanti EPM flaw to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.CVE-2024-29824 Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability: ... Read more
-
Cybersecurity News
CVE-2024-47374: LiteSpeed Cache Plugin Flaw Threatens Millions of WordPress Sites
A significant security vulnerability has been discovered in the LiteSpeed Cache plugin for WordPress, a widely used tool with over 6 million active installations. The flaw is an unauthenticated stored ... Read more
-
Cybersecurity News
DrayTek Patched Multi Flaws in Routers, Including CVE-2024-41592 (CVSS 10.0)
Potential attack scenarios | Image: ForescoutExperts from Forescout have uncovered 14 vulnerabilities in DrayTek routers, potentially allowing malicious actors to gain full access to these devices and ... Read more
-
Dark Reading
Near-'perfctl' Fileless Malware Targets Millions of Linux Servers
Source: J Poulssen via Alamy Stock PhotoA multipurpose and mysterious malware dropper has been terrorizing Linux servers worldwide for years, infecting untold thousands of victims with cryptomining an ... Read more
-
Ars Technica
Attackers exploit critical vulnerability recently patched in Zimbra servers
Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more
-
Ars Technica
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more
-
The Register
700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking
Fourteen newly found bugs in DrayTek Vigor routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating — could be abused by crooks looking to ... Read more
-
Dark Reading
Unix Printing Vulnerabilities Enable Easy DDoS Attacks
Source: sofiacorte via ShutterstockIt turns out that remote code execution is not the only way attackers can leverage a critical set of four vulnerabilities that a researcher recently disclosed in the ... Read more