CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
BadIIS Malware : 35+ IIS Servers Compromised in DragonRank Campaign
A recent report from Cisco Talos has exposed a new threat actor named DragonRank, a Chinese-speaking group specializing in SEO manipulation and cyberattacks. This group operates by exploiting vulnerab ... Read more
-
BleepingComputer
Windows vulnerability abused braille “spaces” in zero-day attacks
A recently fixed "Windows MSHTML spoofing vulnerability" tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. When fir ... Read more
-
TheCyberThrone
Docker Desktop bugs CVE-2024-8695 and CVE-2024-8696 fixed
Docker Desktop has been found to have two critical security vulnerabilities that could enable remote code execution (RCE) attacks.The vulnerabilities, tracked as CVE-2024-8695 with a CVSSv4 score of 9 ... Read more
-
TheCyberThrone
Citrix Workspace vulnerabilities fixed
Cloud Software Group has disclosed two vulnerabilities affecting Citrix Workspace app for Windows that could allow a malicious actor with low-level access to escalate their privileges to the highest l ... Read more
-
Help Net Security
Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711) CVE-202 ... Read more
-
Cybersecurity News
Medusa Exploits Fortinet Flaw (CVE-2023-48788) for Stealthy Ransomware Attacks
A recent report from Bitdefender highlights how Medusa has not only continued its relentless attacks but has also established a unique online presence on both the dark web and the surface web, making ... Read more
-
Cybersecurity News
20+ Victims and Counting: Lynx Ransomware’s Swift Rise
The Tor site of Lynx | Image: Rapid7In a recent report from Rapid7 Labs, the Lynx ransomware group has emerged as a new threat in the ever-evolving landscape of cybercrime. Identified in July 2024, Ly ... Read more
-
databreaches.net
Multiple attacks forces CISA to order agencies to upgrade or remove end-of-life Ivanti appliance
Jonathan Greig reports: The nation’s top cyber watchdogs urged federal agencies to either remove or upgrade an Ivanti appliance that is no longer being updated and has been exploited in attacks. The t ... Read more
-
TheCyberThrone
CISA adds Ivanti Bug CVE-2024-8190 to its Catalog
The US CISA added Ivanti vulnerability tracked as CVE-2024-8190 to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitationThe vulnerability affects Ivanti Cloud Servic ... Read more
-
security.nl
Ivanti meldt actief misbruik van beveiligingslek in Cloud Service Appliance
Aanvallers maken actief misbruik van een beveiligingslek in Ivanti Cloud Service Appliance (CSA), zo heeft het bedrijf zelf bekendgemaakt. Via de CSA kunnen organisaties software uitrollen, updates in ... Read more