CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
'Void Banshee' Exploits Second Microsoft Zero-Day
Source: Anucha Cheechang via ShutterstockMicrosoft has recategorized a bug that the company fixed in this month's Patch Tuesday update as a zero-day vulnerability, which the "Void Banshee" advanced pe ... Read more
-
Dark Reading
Ivanti Cloud Bug Goes Under Exploit After Alarms Are Raised
Source: NicoElNino via Alamy Stock PhotoJust days after Ivanti released an advisory regarding a high-severity vulnerability in its Cloud Service Appliance (CSA), the company is alerting customers that ... Read more
-
BleepingComputer
CISA warns of Windows flaw used in infostealer malware attacks
CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the Void Banshee APT hacking group. The vulnerability (CVE- ... Read more
-
BleepingComputer
Exploit code released for critical Ivanti RCE flaw, patch now
A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The ... Read more
-
BleepingComputer
D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers
D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the devices using hardcoded credentials. The impacted ... Read more
-
TheCyberThrone
Spring Framework Vulnerability CVE-2024-38816 fixed
A high severity vulnerability has been discovered in the Spring Framework, that allows attackers to gain unauthorized access to sensitive files on the server, posing a significant risk of data breache ... Read more
-
Help Net Security
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain re ... Read more
-
Cybersecurity News
Multiple Critical Vulnerabilities Found in D-Link WiFi Routers: Immediate Firmware Updates Advised
Multiple critical vulnerabilities in D-Link routers have been disclosed, potentially affecting millions of users worldwide. TWCERT/CC, Taiwan’s cybersecurity agency, has issued urgent advisories, urgi ... Read more
-
security.nl
D-Link wifi-routers via kritieke kwetsbaarheden op afstand over te nemen
Kritieke kwetsbaarheden maken het mogelijk om verschillende type wifi-routers van fabrikant D-Link op afstand over te nemen. Het gaat onder andere om een 'verborgen functie' waardoor Telnet wordt inge ... Read more
-
security.nl
Microsoft bevestigt alsnog actief misbruik van Windows MSHTML-spoofinglek
Een kwetsbaarheid in Windows waarvoor Microsoft vorige week een beveiligingsupdate uitbracht werd voor het uitkomen van de patch actief misbruikt, zo heeft techbedrijf alsnog bevestigd. In eerste inst ... Read more