CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Don’t Fall for the Bait: Poseidon Stealer Masquerades as Sopha AI
Dialog box prompting the user to enter the password | Image: TRUIn a new wave of cyberattacks, macOS users are being targeted by the Poseidon Stealer malware, disguised as an installer for the highly ... Read more
-
Cybersecurity News
Critical Flaw in NixOS Package Manager: CVE-2024-45593 Allows Arbitrary File Write with Root Permissions
A high-severity security flaw has been discovered in Nix, the popular package manager for Linux and Unix-based systems. Identified as CVE-2024-45593, this vulnerability poses a significant threat, all ... Read more
-
Cybersecurity News
BadIIS Malware : 35+ IIS Servers Compromised in DragonRank Campaign
A recent report from Cisco Talos has exposed a new threat actor named DragonRank, a Chinese-speaking group specializing in SEO manipulation and cyberattacks. This group operates by exploiting vulnerab ... Read more
-
BleepingComputer
Windows vulnerability abused braille “spaces” in zero-day attacks
A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. When fir ... Read more
-
TheCyberThrone
Docker Desktop bugs CVE-2024-8695 and CVE-2024-8696 fixed
Docker Desktop has been found to have two critical security vulnerabilities that could enable remote code execution (RCE) attacks.The vulnerabilities, tracked as CVE-2024-8695 with a CVSSv4 score of 9 ... Read more
-
TheCyberThrone
Citrix Workspace vulnerabilities fixed
Cloud Software Group has disclosed two vulnerabilities affecting Citrix Workspace app for Windows that could allow a malicious actor with low-level access to escalate their privileges to the highest l ... Read more
-
Help Net Security
Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-202 ... Read more
-
Cybersecurity News
Medusa Exploits Fortinet Flaw (CVE-2023-48788) for Stealthy Ransomware Attacks
A recent report from Bitdefender highlights how Medusa has not only continued its relentless attacks but has also established a unique online presence on both the dark web and the surface web, making ... Read more
-
Cybersecurity News
20+ Victims and Counting: Lynx Ransomware’s Swift Rise
The Tor site of Lynx | Image: Rapid7In a recent report from Rapid7 Labs, the Lynx ransomware group has emerged as a new threat in the ever-evolving landscape of cybercrime. Identified in July 2024, Ly ... Read more
-
databreaches.net
Multiple attacks forces CISA to order agencies to upgrade or remove end-of-life Ivanti appliance
Jonathan Greig reports: The nation’s top cyber watchdogs urged federal agencies to either remove or upgrade an Ivanti appliance that is no longer being updated and has been exploited in attacks. The t ... Read more