CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
PoC Exploit Releases for Zimbra RCE Flaw CVE-2024-45519: Mass Exploitation Detected
Image: ptswarmZimbra, one of the most widely used email and collaboration platforms globally, has recently been identified as vulnerable to a critical security flaw that could allow attackers to take ... Read more
-
Cybersecurity News
Microarchitectural Control-flow Integrity (μCFI): Thwarting Timing & Hijacking Attacks
CPU-specific formal verification flow | Image: COMSECIn a study, researchers from COMSEC, the computer security group at ETH Zurich’s Department of Information Technology and Electrical Engineering (D ... Read more
-
Cybersecurity News
CVE-2024-8940 (CVSS 10): Critical Flaw in Scriptcase Low-Code Platform Leaves Developers at Risk
Developers using the popular low-code platform Scriptcase are urged to update their software immediately after discovering three critical vulnerabilities that could expose their applications to seriou ... Read more
-
Cybersecurity News
CVE-2024-9194: SQLi Flaw Discovered in Octopus Server, Urgent Patch Recommended
Octopus Deploy, a leading continuous delivery platform used by thousands of software teams worldwide, has released a critical security update to address a severe vulnerability (CVE-2024-9194) in its O ... Read more
-
TheCyberThrone
WordPress Plugin GiveWP Bug CVE-2024-8353
A critical vulnerability has been discovered in the popular GiveWP donation plugin for WordPress, potentially allowing unauthenticated attackers to take complete control of affected websites.The vulne ... Read more
-
Cybersecurity News
CVE-2024-47070: Critical Flaw in authentik Identity Provider Allows Authentication Bypass
A critical security vulnerability (CVE-2024-47070) has been discovered in the popular Identity Provider (IdP) and Single Sign-On (SSO) solution, authentik. Rated with a high CVSS score of 9.1, this fl ... Read more
-
BleepingComputer
Arc browser launches bug bounty program after fixing RCE bug
The Browser Company has introduced an Arc Bug Bounty Program to encourage security researchers to report vulnerabilities to the project and receive rewards. This development comes in response to a cri ... Read more
-
Dark Reading
Zimbra RCE Vuln Under Attack Needs Immediate Patching
Source: Color4260 via ShutterstockAttackers are actively targeting a severe remote code execution vulnerability that Zimbra recently disclosed in its SMTP server, heightening the urgency for affected ... Read more
-
europa.eu
Cyber Brief 24-10 - September 2024
Cyber Brief (September 2024)October 1, 2024 - Version: 1.0TLP:CLEARExecutive summaryWe analysed 269 open source reports for this Cyber Brief1.Relating to cyber policy and law enforcement, in Europe, l ... Read more
-
security.nl
VS meldt actief misbruik van kritiek beveiligingslek in D-Link DIR 820-router
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in de D-Link DIR 820-router. Daarvoor waarschuwt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse ministe ... Read more