CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CISA & Ivanti Warn of Active Exploitation Cloud Services Appliance Flaw CVE-2024-8190
A high-severity vulnerability (CVE-2024-8190) in Ivanti Cloud Services Appliance (CSA) is under active exploitation, prompting an urgent directive from the U.S. Cybersecurity and Infrastructure Securi ... Read more
-
Cybersecurity News
Rockwell Automation Products Face Critical Security Risks, Urgent Patching Required
Two recently discovered vulnerabilities in Rockwell Automation’s FactoryTalk software products pose a serious threat to industrial control systems (ICS). The vulnerabilities, tracked as CVE-2024-45823 ... Read more
-
Cybersecurity News
CVE-2024-45186: FileSender Vulnerability Poses Risk to User Credentials, Immediate Action Required
A severe security flaw has been identified in FileSender, the popular web-based application that allows authenticated users to securely send large files. The vulnerability, classified as CVE-2024-4518 ... Read more
-
cybereason.com
CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective
This Threat Analysis Report will delve into a newly discovered nation-state level threat Campaign tracked by Cybereason as Cuckoo Spear. It will outline how the associated Threat Actor persists stealt ... Read more
-
BleepingComputer
Ivanti warns high severity CSA flaw is now exploited in attacks
Ivanti confirmed on Friday that a high-severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited in attacks. "At the time of disclosure on September 10, we were n ... Read more
-
TheCyberThrone
Solarwinds fixes CVE-2024-28990 & CVE-2024-28991 in ARM Product
SolarWinds has released patches for two vulnerabilities affecting their Access Rights Manager (ARM) software, that have the potential to compromise the security of networks utilizing ARM, with impacts ... Read more
-
The Hacker News
Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers
Virtual Reality / Vulnerability Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attacke ... Read more
-
The Hacker News
Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw
Software Security / Threat Intelligence Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gol ... Read more
-
TheCyberThrone
Apache OFBiz Vulnerability CVE-2024-45195 actively exploited
Apache OFBiz has got a security update for a flaw CVE-2024-45195 with a CVSS score of 7.5 that allows attackers to bypass authorization checks and execute arbitrary code on the server, even without v ... Read more
-
Cybersecurity News
Citrix Workspace App Users Urged to Update Following Two Privilege Escalation Flaws
In a security advisory released recently, Cloud Software Group has disclosed two vulnerabilities affecting the widely used Citrix Workspace app for Windows. These vulnerabilities, identified as CVE-20 ... Read more