CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
GitLab backports fix for CVE-2024-45409 to older versions
In a crucial security release, GitLab has addressed a severe vulnerability (CVE-2024-45409) in its Community Edition (CE) and Enterprise Edition (EE) platforms, impacting all self-managed installation ... Read more
-
Cybersecurity News
New Malware Campaign Mines Crypto in Docker & Kubernetes
Datadog Security Research has uncovered a new and widespread malware campaign targeting Docker and Kubernetes environments, where threat actors exploit vulnerabilities in container orchestration techn ... Read more
-
Cybersecurity News
Proxmox Virtual Environment and Mail Gateway Exposed to Critical API Vulnerability
A critical vulnerability has been identified in Proxmox Virtual Environment (VE) and Proxmox Mail Gateway (PMG) that could allow unauthorized access to sensitive files and potentially lead to a full s ... Read more
-
Cybersecurity News
Mallox Expands Arsenal: Targets Linux with Modified Kryptina Ransomware
The Mallox Linux 1.0 ransom note Image: SentinelLabsSentinelLabs has discovered that a group associated with the Mallox (TargetCompany) campaign is utilizing a newly modified version of the Kryptina r ... Read more
-
Dark Reading
Third Ivanti Bug Comes Under Active Exploit, CISA Warns
Source: Kristoffer Tripplaar via Alamy Stock PhotoThe Cybersecurity and Infrastructure Security Agency (CISA) has added a third Ivanti vulnerability to the agency's Known Exploited Vulnerabilities (KE ... Read more
-
The Hacker News
Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%
Secure Coding / Mobile Security Google has revealed that its transition to memory-safe languages such as Rust as part of its secure-by-design approach has led to the percentage of memory-safe vulnerab ... Read more
-
Help Net Security
PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)
Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by unauthenticated attackers to remote ... Read more
-
Dark Reading
Keep Tier-One Applications Out of Virtual Environments
Morey Haber, Chief Security Officer, BeyondTrustSeptember 25, 20245 Min ReadSource: Panther Media via Alamy Stock PhotoCOMMENTARYFor at least the past 20 years, virtual machines and enterprise-ready h ... Read more
-
Help Net Security
Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)
CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation comes from the Cybersecuri ... Read more
-
TheCyberThrone
CISA adds Ivanti CVE-2024-7593 to its KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Ivanti Virtual Traffic Manager authentication bypass vulnerability CVE-2024-7593 with a CVSS score 9.8 to its Known Exploited Vul ... Read more