CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
VMware fixes flaws identified in Chinese Matrix Cup
VMware released patches for two critical vulnerabilities in its vCenter Server platform and warned that there’s a major risk of remote code execution attacks.The first vulnerability tracked as CVE-202 ... Read more
-
Trend Micro
Vulnerabilities in Cellular Packet Cores Part IV: Authentication
Exploits & Vulnerabilities Our research reveals two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC). The first vulnerability (CVE-2024-20685) allows a crafted signaling message ... Read more
-
Dark Reading
Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data
Source: Bjanka Kadic via Alamy Stock PhotoA zero-click chain of critical-, medium-, and low-severity vulnerabilities in macOS could have allowed attackers to undermine macOS's brand name security prot ... Read more
-
The Register
VMware patches remote make-me-root holes in vCenter Server, Cloud Foundation
Broadcom has emitted a pair of patches for vulnerabilities in VMware vCenter Server that a miscreant with network access to the software could exploit to completely commandeer a system. This also affe ... Read more
-
BleepingComputer
Broadcom fixes critical RCE bug in VMware vCenter Server
Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet. vCenter Server is the central mana ... Read more
-
BleepingComputer
PKfail Secure Boot bypass remains a significant risk two months later
Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit mal ... Read more
-
The Cyber Express
Apple Urges Users to Install iOS 18 to Fix 33 iPhone Vulnerabilities
Apple has officially released iOS 18, which is the latest software update for iPhones and iPads. While the software introduces exciting new features, the most critical part of this update lies in its ... Read more
-
The Hacker News
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum comp ... Read more
-
Help Net Security
PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)
CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more in ... Read more
-
security.nl
Siri-lekken geven opnieuw toegang tot gegevens op vergrendelde iPhone
Kwetsbaarheden in Apples spraakassistent Siri maken het opnieuw mogelijk voor een aanvaller met fysieke toegang tot een vergrendelde iPhone om gevoelige informatie te stelen. Apple heeft beveiligingsu ... Read more