CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
LNK Stomping (CVE-2024-38217): Microsoft Patches Years-Old Zero-Day Flaw
Image: Elastic SecurityMicrosoft’s September 2024 security update addresses a zero-day vulnerability affecting Smart App Control and SmartScreen. This vulnerability, dubbed “LNK stomping” (CVE-2024-38 ... Read more
-
The Hacker News
Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws
Windows Security / Vulnerability Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for ... Read more
-
The Hacker News
Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities
Enterprise Security / Vulnerability Ivanti has released software updates to address multiple security flaws impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that could result in ... Read more
-
Cybersecurity News
From Charging to Hijacking: The Autel MaxiCharger Vulnerability
Image: Sector 7The transition to electric vehicles (EVs) is rapidly gaining momentum, but the recent Pwn2Own Automotive 2024 competition in Tokyo has revealed a concerning vulnerability: EV chargers t ... Read more
-
Cybersecurity News
CVE-2024-45032 (CVSS 10): Siemens Issues Critical Security Patch for Industrial Edge Management
Siemens has released a critical security advisory for its Industrial Edge Management platform, warning of an Authorization Bypass vulnerability that could have serious implications for industrial netw ... Read more
-
Cybersecurity News
CVE-2024-45411: Twig Sandbox Bypass Vulnerability Puts PHP Applications at Risk
A critical security vulnerability has been discovered in Twig, a widely used PHP template engine, potentially allowing attackers to bypass sandbox restrictions and execute malicious code. The vulnerab ... Read more
-
Cybersecurity News
CVE-2024-6596 (CVSS 9.8): Critical Code Injection Flaw Found in Endress+Hauser Products
CERT@VDE coordinated with Endress+Hauser, a well-known leader in industrial automation and instrumentation, has issued a security advisory for a critical vulnerability (CVE-2024-6596) affecting severa ... Read more
-
Cybersecurity News
Microsoft’s September Patch Tuesday: A Patchwork of Urgency with 4 Zero-Days Under Attack
This September’s edition of Microsoft’s Patch Tuesday addresses 79 vulnerabilities, including 6 critical and 71 important severity issues. Among these, four zero-day vulnerabilities were actively expl ... Read more
-
Cybersecurity News
CVE-2024-42500 (CVSS 9.3): Critical HPE HP-UX Vulnerability Demands Immediate Action
A critical vulnerability has been discovered in HPE HP-UX’s Network File System (NFSv4), leaving systems open to potential denial-of-service (DoS) attacks. This vulnerability, tracked as CVE-2024-4250 ... Read more
-
Cybersecurity News
Earth Preta’s Cyber Arsenal Expands: New Malware and Strategies Target APAC Governments
A new report from Trend Micro has revealed that Earth Preta, the notorious cyber espionage group, has significantly evolved its tactics and malware arsenal, posing a heightened threat to government en ... Read more