Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- Cybersecurity News
CVE-2024-48914 (CVSS 9.1): Critical File Read Flaw Discovered in Vendure E-commerce Platform
Vendure, a popular open-source headless commerce platform, has patched a critical security vulnerability that could allow attackers to read arbitrary files from the server, potentially exposing sensit ... Read more
- The Register
Jetpack fixes 8-year-old flaw affecting millions of WordPress sites
in brief A critical security update for the near-ubiquitous WordPress plugin Jetpack was released last week. Site administrators should ensure the latest version is installed to keep their sites secur ... Read more
- Dark Reading
MacOS Safari 'HM Surf' Exploit Exposes Camera, Mic, Browser Data
Source: Delphotos via Alamy Stock PhotoA security weakness in the Safari browser on macOS devices might have exposed users to spying, data theft, and other forms of malware.The issue is enabled by the ... Read more
- The Cyber Express
Dumbest Thing in Security This Week: The Most Exploited Vulnerability Is…
Cyble’s weekly sensor report is an always fascinating look at the vulnerabilities that threat actors are actively exploiting. While new vulnerabilities are quickly exploited, older ones are still expl ... Read more
- BleepingComputer
Intel, AMD CPUs on Linux impacted by newly disclosed Spectre bypass
The latest generations of Intel processors, including Xeon chips, and AMD's older microarchitectures on Linux are vulnerable to new speculative execution attacks that bypass existing ‘Spectre’ mitigat ... Read more
- TheCyberThrone
Spring framework fixes a High severity vulnerability CVE-2024-38819
Spring Framework has been identified with a new path traversal vulnerability, poses a significant risk to applications serving static resources via WebMvc.fn or WebFlux.fn functional web frameworks.Th ... Read more
- The Register
Spectre flaws continue to haunt Intel and AMD as researchers find fresh attack method
Six years after the Spectre transient execution processor design flaws were disclosed, efforts to patch the problem continue to fall short. Johannes Wikner and Kaveh Razavi of Swiss university ETH Zur ... Read more
- SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 42
The Good | DoJ Unseals Indictment Against Notorious ‘Anonymous Sudan’ DDoS Operators An unsealed indictment charged two brothers with operating the hacktivist group ‘Anonymous Sudan’, responsible for ... Read more
- SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 42
The Good | DoJ Unseals Indictment Against Notorious ‘Anonymous Sudan’ DDoS Operators An unsealed indictment charged two brothers with operating the hacktivist group ‘Anonymous Sudan’, responsible for ... Read more
- krebsonsecurity.com
Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach
Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and l ... Read more