Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Adobe patches Acrobat bug, neglects to mention whole zero-day, exploit thing
Adobe's patch for a remote code execution (RCE) bug in Acrobat this week doesn't mention that the vulnerability is considered a zero-day nor that a proof-of-concept (PoC) exploit exists, a researcher ... Read more
-
TheCyberThrone
PaloAlto fixes CVE-2024-8686 and CVE-2024-8687
Palo Alto released patches to address several vulnerabilities discovered in their products, if exploited, could allow unauthorized access, data breaches, and disruption of services.A range of vulnerab ... Read more
-
BleepingComputer
Hackers targeting WhatsUp Gold with public exploit since August
Hackers have been leveraging publicly available exploit code for two critical vulnerabilities in the WhatsUp Gold network availability and performance monitoring solution from Progress Software. The t ... Read more
-
The Hacker News
Urgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job Execution
DevSecOps / Vulnerability GitLab on Wednesday released security updates to address 17 security vulnerabilities, including a critical flaw that allows an attacker to run pipeline jobs as an arbitrary u ... Read more
-
Zero Day Initiative
Exploiting Exchange PowerShell After ProxyNotShell: Part 2 - ApprovedApplicationCollection
In part 2, I describe the ApprovedApplicationCollection gadget, which was available for abuse because it did not appear on the deny list and could therefore be accessed via MultiValuedProperty. I am a ... Read more
-
TheCyberThrone
GitLab fixes several vulnerabilities including CVE-2024-6678
GitLab has released critical security patches for its Community Edition (CE) and Enterprise Edition (EE) that could allow an attacker to execute arbitrary code.Vulnerability detailsCVE-2024-6678 with ... Read more
-
BleepingComputer
GitLab warns of critical pipeline execution vulnerability
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. ... Read more
-
security.nl
Apple Vision Pro kon via eye-tracking wachtwoord van gebruikers lekken
Een kwetsbaarheid in de Apple Vision Pro maakte het mogelijk om wachtwoorden en andere invoer van gebruikers te achterhalen, zo ontdekten onderzoekers. Die rapporteerden het probleem aan Apple, dat ei ... Read more
-
Cybersecurity News
Fortinet Faces Potential Data Breach, Customer Data at Risk
In a concerning development for cybersecurity giant Fortinet, a potential data breach has come to light, raising alarms about the security of sensitive customer information. The incident reportedly af ... Read more
-
The Hacker News
Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking
Cryptocurrency / Network Security Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. "Selenium Grid is a server tha ... Read more