CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Critical Flaw in Ivanti CSA 4.6: CVE-2024-8963 Actively Exploited, Urgent Upgrade Required
Ivanti, a leader in enterprise software, has disclosed a critical vulnerability in its Ivanti Connect Secure Appliance (CSA) 4.6, identified as CVE-2024-8963. This vulnerability, rated at a CVSS score ... Read more
-
Cybersecurity News
Ransomware Groups Exploit Veeam Flaw CVE-2023-27532 in Nigerian Cyber Infrastructure
The Nigeria Computer Emergency Response Team (ngCERT) has issued an urgent alert warning of ransomware groups actively targeting critical systems across Nigeria. The alert focuses on a high-severity v ... Read more
-
Cybersecurity News
CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet EMS
Medusa ransomware ransom note | Image: Unit 42In a concerning new development, cybersecurity researchers at Darktrace have unveiled a report detailing the exploitation of Fortinet’s FortiClient Endpoi ... Read more
-
Cybersecurity News
Google Warns: Dependency Scanners Often Misreport Vulnerabilities
The AutoVM team at Google has discovered that dependency scanning tools often mistakenly report vulnerabilities in software. These vulnerabilities may either pose no real security threat or require no ... Read more
-
Cybersecurity News
PoC Exploit Releases for Exploited Vulnerability CVE-2024-8190 in Ivanti Cloud Services Appliance
Authenticated Command Injection | Image: Horizon3.aiA proof-of-concept (PoC) exploit for CVE-2024-8190, an exploited OS command injection vulnerability in Ivanti Cloud Services Appliance, is now publi ... Read more
-
Cybersecurity News
Unmasking “Marko Polo”: The Infostealer Gang Targeting Thousands
Marko Polo infection chain (Source: Recorded Future)Researchers at Recorded Future have uncovered a large-scale cyberattack affecting tens of thousands of devices worldwide. It was later revealed that ... Read more
-
Cybersecurity News
Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert
In a recent advisory published on September 16th, data protection powerhouse Acronis disclosed a critical security vulnerability in its popular backup plugins for server management platforms like cPan ... Read more
-
Trend Micro
How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections
Highlights: The group, Trend Micro tracked this group as Water Bakunawa, behind the RansomHub ransomware employs various anti-EDR techniques to play a high-stakes game of hide and seek with security s ... Read more
-
BleepingComputer
CISA warns of actively exploited Apache HugeGraph-Server bug
The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache Hu ... Read more
-
Dark Reading
GitLab Warns of Max Severity Authentication Bypass Bug
Source: T. Schneider via ShutterstockOrganizations with self-hosted GitLab instances configured for SAML-based authentication might want to update immediately to new versions of the DevOps platform th ... Read more