CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
GitLab fixes several vulnerabilities including CVE-2024-6678
GitLab has released critical security patches for its Community Edition (CE) and Enterprise Edition (EE) that could allow an attacker to execute arbitrary code.Vulnerability detailsCVE-2024-6678 with ... Read more
-
BleepingComputer
GitLab warns of critical pipeline execution vulnerability
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. ... Read more
-
security.nl
Apple Vision Pro kon via eye-tracking wachtwoord van gebruikers lekken
Een kwetsbaarheid in de Apple Vision Pro maakte het mogelijk om wachtwoorden en andere invoer van gebruikers te achterhalen, zo ontdekten onderzoekers. Die rapporteerden het probleem aan Apple, dat ei ... Read more
-
Cybersecurity News
Fortinet Faces Potential Data Breach, Customer Data at Risk
In a concerning development for cybersecurity giant Fortinet, a potential data breach has come to light, raising alarms about the security of sensitive customer information. The incident reportedly af ... Read more
-
The Hacker News
Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking
Cryptocurrency / Network Security Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. "Selenium Grid is a server tha ... Read more
-
Help Net Security
Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)
Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary code execution: CVE-2024-4 ... Read more
-
security.nl
Actief misbruikt lek in Windows Installer sinds januari bij Microsoft bekend
Een kwetsbaarheid in de Windows Installer waar aanvallers actief misbruik van maken bij aanvallen was al sinds januari bij Microsoft bekend. Dat meldt securitybedrijf SEC Consult dat het probleem bij ... Read more
-
The Register
About that Windows Installer 'make me admin' security hole. Here's how it's exploited
In this week's Patch Tuesday Microsoft alerted users to, among other vulnerabilities, a flaw in Windows Installer that can be exploited by malware or a rogue user to gain SYSTEM-level privileges to hi ... Read more
-
The Cyber Express
Cert-In Issues High Severity Warning for Android Users, Recommends Patching
The Indian Computer Emergency Response Team (CERT-In), functioning under the Ministry of Electronics and Information Technology, has issued a high-severity warning aimed at users operating Android OS ... Read more
-
Dark Reading
Hackers Proxyjack & Cryptomine Selenium Grid Servers
Source: Olekcii Mach via Alamy Stock PhotoThreat actors are infecting Internet-exposed Selenium Grid servers, with the goal of using victims' Internet bandwidth for cryptomining, proxyjacking, and pot ... Read more