CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Spring Framework Vulnerability CVE-2024-38816 fixed
A high severity vulnerability has been discovered in the Spring Framework, that allows attackers to gain unauthorized access to sensitive files on the server, posing a significant risk of data breache ... Read more
-
Help Net Security
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain re ... Read more
-
Cybersecurity News
Multiple Critical Vulnerabilities Found in D-Link WiFi Routers: Immediate Firmware Updates Advised
Multiple critical vulnerabilities in D-Link routers have been disclosed, potentially affecting millions of users worldwide. TWCERT/CC, Taiwan’s cybersecurity agency, has issued urgent advisories, urgi ... Read more
-
security.nl
D-Link wifi-routers via kritieke kwetsbaarheden op afstand over te nemen
Kritieke kwetsbaarheden maken het mogelijk om verschillende type wifi-routers van fabrikant D-Link op afstand over te nemen. Het gaat onder andere om een 'verborgen functie' waardoor Telnet wordt inge ... Read more
-
security.nl
Microsoft bevestigt alsnog actief misbruik van Windows MSHTML-spoofinglek
Een kwetsbaarheid in Windows waarvoor Microsoft vorige week een beveiligingsupdate uitbracht werd voor het uitkomen van de patch actief misbruikt, zo heeft techbedrijf alsnog bevestigd. In eerste inst ... Read more
-
The Register
23andMe settles class-action breach lawsuit for $30 million
Infosec In Brief Genetic testing outfit 23andMe has settled a proposed class action case related to a 2023 data breach for $30 million. Documents [PDF] filed in a San Francisco federal court last Thur ... Read more
-
Cybersecurity News
New Zero-Day Emerges After Microsoft Patch Tuesday: CVE-2024-43461 Targets Windows MSHTML
IE and a promote window dialog appear when the victim double-clicks on the .url file | Image: Check PointIn an unexpected turn of events, Microsoft has revised its September 2024 Patch Tuesday securit ... Read more
-
Cybersecurity News
CVE-2024-38816: Spring Framework Path Traversal Vulnerability Threatens Millions
A serious security vulnerability, identified as CVE-2024-38816 (CVSS 7.5), has been discovered in the popular Spring Framework, potentially affecting millions of Java applications worldwide. This path ... Read more
-
Cybersecurity News
PoC Exploit Released for Ivanti EPM Flaw CVE-2024-29847 (CVSS 10)
Image: Horizon3.aiSecurity researcher James Horseman from Horizon3.ai has disclosed the technical details and a proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-29847) in Iva ... Read more
-
Cybersecurity News
Ajina.Banker: Unmasking the Android Malware Targeting Central Asian Banks
Screenshot of the sample found on the VirusTotal platformCybersecurity analysts at Group-IB have uncovered a sophisticated malware campaign targeting bank customers in Central Asia. Dubbed “Ajina.Bank ... Read more