CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Threat Actors Exploit HR-Related Phishing Tactics in Sophisticated Credential-Stealing Campaigns
Image: CofensePhishing attacks continue to evolve in complexity, and the latest report from the Cofense Phishing Defense Center highlights a troubling trend: cybercriminals are increasingly using HR-r ... Read more
-
Cybersecurity News
Critical Security Flaws in Camaleon CMS Put Web Servers at Risk – Users Urged to Upgrade Immediately
In a significant development for website owners and administrators using Camaleon CMS, a critical security update has been released to address several vulnerabilities, some of which are already being ... Read more
-
Dark Reading
Ivanti's Cloud Service Appliance Attacked via Second Vuln
Source: Kristoffer Tripplaar via Alamy Stock PhotoLess than two weeks after patching one flaw, Ivanti announced on Sept. 19 that a second, critical Cloud Services Appliance (CSA) vulnerability is bein ... Read more
-
Dark Reading
Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover
Source: Ros Drinkwater via Alamy Stock PhotoA nearly max-critical zero-click vulnerability is impacting MediaTek Wi-Fi chipsets and driver bundles used in routers and smartphones from various manufact ... Read more
-
The Register
Ivanti patches exploited admin command execution flaw
The US Cybersecurity and Infrastructure Security Agency (CISA) just added the latest Ivanti weakness to its Known Exploited Vulnerability (KEV) catalog, a situation sure to annoy some – given that it' ... Read more
-
Kaspersky
-=TWELVE=- is back
In the spring of 2024, posts with real people’s personal data began appearing on the -=TWELVE=- Telegram channel. Soon it was blocked for falling foul of the Telegram terms of service. The group staye ... Read more
-
The Hacker News
Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East
An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote acc ... Read more
-
security.nl
Ivanti waarschuwt voor actief misbruik van 'toevallig' gepatcht CSA-lek
Softwarebedrijf Ivanti waarschuwt klanten voor een kritiek path traversal-lek in Cloud Service Appliance (CSA) waar aanvallers actief misbruik van maken en dat 'bij toeval' op 10 september werd opgelo ... Read more
-
TheCyberThrone
Ivanti fixes CVE-2024-8963 Flaw that added to KEV catalog
Ivanti has released a patch for a critical vulnerability in its new Cloud Services Appliance (CSA) vulnerability, which will lead to a path traversal issueThe vulnerability tracked as CVE-2024-8963 wi ... Read more
-
The Hacker News
Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks
Enterprise Security / Network Security Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, ... Read more