Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-8353 (CVSS 10): Critical GiveWP Flaw, 100k WordPress Sites at Risk
A critical vulnerability has been discovered in the popular GiveWP donation plugin for WordPress, potentially allowing unauthenticated attackers to take complete control of affected websites. The flaw ... Read more
-
Cybersecurity News
Critical XSS Flaw Discovered in Filament: CVE-2024-47186 Requires Urgent Update for Laravel Developers
The Filament project, a popular collection of full-stack components for accelerated Laravel development, has issued a critical security advisory for CVE-2024-47186. This Cross-Site Scripting (XSS) vul ... Read more
-
Cybersecurity News
Critical SolarWinds Flaw Exposes 827 Instances: PoC Exploit Unveiled for CVE-2024-28987
Security researcher Zach Hanley from Horizon3.ai published the technical details and a proof-of-concept (PoC) exploit code for a critical hardcoded credential vulnerability, CVE-2024-28987, in the pop ... Read more
-
Cybersecurity News
Storm-0501 Targets Hybrid Clouds with Evolving Ransomware Tactics
In a recent report from Microsoft Threat Intelligence, the cybercriminal group Storm-0501 has been identified as a rising threat, targeting hybrid cloud environments through a series of sophisticated ... Read more
-
BleepingComputer
Critical flaw in NVIDIA Container Toolkit allows full host takeover
A critical vulnerability in NVIDIA Container Toolkit impacts all AI applications in a cloud or on-premise environment that rely on it to access GPU resources. The security issue is tracked as CVE-2024 ... Read more
-
Help Net Security
Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without reboots Organizations that plan to upgrade to Win ... Read more
-
seclists.org
SEC Consult SA-20240925-0 :: Uninstall Password Bypass in BlackBerry CylanceOPTICS Windows Installer Package (CVE-2024-35214)
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 25 Sep 2024 06:38:24 +0000 SEC Consult Vulnerability Lab Securi ... Read more
-
Cybersecurity News
CVE-2024-43917 (CVSS 9.3): Unpatched SQLi Flaw in TI WooCommerce Wishlist Threatens 100,000+ Sites
A critical security vulnerability has been discovered in the widely-used WordPress plugin, TI WooCommerce Wishlist, potentially exposing over 100,000 websites to malicious attacks. The flaw, tracked a ... Read more
-
Cybersecurity News
SloppyLemming’s Espionage Campaign Targets South Asia
A recent report from Cloudforce One has detailed a cyber espionage campaign orchestrated by a threat actor dubbed SloppyLemming, targeting government, defense, telecommunications, and energy sectors a ... Read more
-
Cybersecurity News
Critical WatchGuard Vulnerabilities Discovered: CVE-2024-6592 and CVE-2024-6593
Cybersecurity firm RedTeam Pentesting GmbH has disclosed two critical vulnerabilities, CVE-2024-6592 and CVE-2024-6593, in WatchGuard’s Authentication Gateway (also known as Single Sign-On Agent) and ... Read more