Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
SEC Consult SA-20241211-0 :: Reflected Cross-Site Scripting in Numerix License Server Administration System Login
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 11 Dec 2024 11:39:55 +0000 SEC Consult Vulnerability Lab Securi ... Read more
-
seclists.org
St. Poelten UAS | Multiple Vulnerabilities in ORing IAP
Full Disclosure mailing list archives St. Poelten UAS | Multiple Vulnerabilities in ORing IAP From: Thomas Weber | CyberDanube via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 10 Dec 202 ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
US Sanctions Chinese Cybersecurity Firm for Firewall Exploit, Ransomware Attacks
SUMMARY Sanctions on Chinese Firm: The US sanctioned Sichuan Silence Information Technology and employee Guan Tianfeng for exploiting a firewall vulnerability in a major global cyberattack. Global Imp ... Read more
-
BleepingComputer
Cleo patches critical zero-day exploited in data theft attacks
Cleo has released security updates for a zero-day flaw in its LexiCom, VLTransfer, and Harmony software, currently exploited in data theft attacks. In October, the company patched a pre-auth remote co ... Read more
-
Help Net Security
Cleo patches zero-day exploited by ransomware gang
Cleo has released a security patch to address the critical vulnerability that started getting exploited while still a zero-day to breach internet-facing Cleo Harmony, VLTrader, and LexiCom instances. ... Read more
-
TheCyberThrone
Splunk addresses CVE-2024-53247 in Secure Gateway
A critical vulnerability identified has been discovered in the Splunk Secure Gateway app, affecting various versions of Splunk Enterprise and the Splunk Cloud Platform.The vulnerability tracked as CVE ... Read more
-
The Register
Apache issues patches for critical Struts 2 RCE bug
We now know the remote code execution vulnerability in Apache Struts 2 disclosed back in November carries a near-maximum severity rating following the publication of the CVE. According to the National ... Read more
-
The Hacker News
Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS
Vulnerability / Device Security Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and ... Read more
-
The Hacker News
WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins
Website Security / Vulnerability Malicious actors are exploiting a critical vulnerability in the Hunk Companion plugin for WordPress to install other vulnerable plugins that could open the door to a v ... Read more
-
security.nl
Beveiligingslek in macOS maakt remote code execution mogelijk
Een beveiligingslek in macOS maakt het voor een remote aanvaller mogelijk om code op systemen uit te voeren. Apple heeft beveiligingsupdates uitgebracht om het probleem te verhelpen. Apple kwam gister ... Read more