Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- Google Cloud
IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders
Written by: Michael Raggi Mandiant Intelligence is tracking a growing trend among China-nexus cyber espionage operations where advanced persistent threat (APT) actors utilize proxy networks known as “ ... Read more
- cert.pl
Vulnerability in Online Shopping System Advanced software
CVE ID CVE-2024-3579 Publication date 14 May 2024 Vendor Puneeth Reddy Product Online Shopping System Advanced Vulnerable versions All Vulnerability type (CWE) Improper Neutralization of Input During ... Read more
- cert.pl
Vulnerability in Ant Media Server software
CVE ID CVE-2024-3462 Publication date 13 May 2024 Vendor Ant Media Product Ant Media Server Community Edition Vulnerable versions all through 2.9.0 Vulnerability type (CWE) Incorrect Authorization (CW ... Read more
- Darktrace
Confluence CVE-2022-26134 Zero-Day: Detection & Guidance
What is WarmCookie malware?WarmCookie, also known as BadSpace [2], is a two-stage backdoor tool that provides functionality for threat actors to retrieve victim information and launch additional paylo ... Read more
- Zero Day Initiative
CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own
None ... Read more
- cert.pl
Vulnerabilities in CemiPark software
CVE ID CVE-2024-4423 Publication date 09 May 2024 Vendor CEMI Tomasz Pawełek Product CemiPark Vulnerable versions 4.5, 4.7, 5.03 and potentially others Vulnerability type (CWE) Improper Neutralization ... Read more
- cert.pl
Vulnerabilities in Kioware for Windows
CVE ID CVE-2024-3459 Publication date 09 May 2024 Vendor Kioware Product Kioware for Windows Vulnerable versions all through 8.34 Vulnerability type (CWE) Improper Protection of Alternate Path (CWE-42 ... Read more
- DoublePulsar
Breaking down Microsoft’s pivot to placing cybersecurity as a top priority
Recently, Microsoft had quite frankly a kicking from the US Department of Homeland Security over their security practices in a Cyber Safety Review Board report. I’ve tried to keep as quiet as possible ... Read more
- Zero Day Initiative
CVE-2024-2887: A Pwn2Own Winning Bug in Google Chrome
None ... Read more
- cert.pl
Vulnerability in CraftBeerPi 4 software
CVE ID CVE-2024-3955 Publication date 02 May 2024 Vendor PiBrewing, CraftBeerPi - Brewing Controller Product CraftBeerPi 4 Vulnerable versions from 4.0.0.58 (commit 563fae9) to 4.4.1.a1 (commit 57572c ... Read more