CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CUPS Exploit Turns Common Devices into DDoS Weapons
In a recent revelation, researchers at Akamai have identified a new attack vector exploiting vulnerabilities in the Common Unix Printing System (CUPS). This discovery highlights how everyday devices, ... Read more
-
TheCyberThrone
CISA adds CVE-2024-29824 to its KEV Catalog
The US CISA has added Ivanti EPM flaw to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.CVE-2024-29824 Ivanti Endpoint Manager (EPM) SQL Injection Vulnerability: ... Read more
-
Cybersecurity News
CVE-2024-47374: LiteSpeed Cache Plugin Flaw Threatens Millions of WordPress Sites
A significant security vulnerability has been discovered in the LiteSpeed Cache plugin for WordPress, a widely used tool with over 6 million active installations. The flaw is an unauthenticated stored ... Read more
-
Cybersecurity News
DrayTek Patched Multi Flaws in Routers, Including CVE-2024-41592 (CVSS 10.0)
Potential attack scenarios | Image: ForescoutExperts from Forescout have uncovered 14 vulnerabilities in DrayTek routers, potentially allowing malicious actors to gain full access to these devices and ... Read more
-
Dark Reading
Near-'perfctl' Fileless Malware Targets Millions of Linux Servers
Source: J Poulssen via Alamy Stock PhotoA multipurpose and mysterious malware dropper has been terrorizing Linux servers worldwide for years, infecting untold thousands of victims with cryptomining an ... Read more
-
Ars Technica
Attackers exploit critical vulnerability recently patched in Zimbra servers
Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more
-
Ars Technica
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more
-
The Register
700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking
Fourteen newly found bugs in DrayTek Vigor routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating — could be abused by crooks looking to ... Read more
-
Dark Reading
Unix Printing Vulnerabilities Enable Easy DDoS Attacks
Source: sofiacorte via ShutterstockIt turns out that remote code execution is not the only way attackers can leverage a critical set of four vulnerabilities that a researcher recently disclosed in the ... Read more
-
The Register
Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing
Two trivial but critical security holes have been found in Optigo's Spectra Aggregation Switch, and so far no patch is available. The vulnerabilities, both with CVSS v4 severity scores of 9.3, can be ... Read more