Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- TheCyberThrone
Ivanti fixes critical vulnerabilities in CSA
Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities, tracked as CVE-2024-11639, CVE-2024-11772, and CVE ... Read more
- Cybersecurity News
CVE-2024-53677 (CVSS 9.5): Critical Vulnerability in Apache Struts Allows Remote Code Execution
Developers using the popular Apache Struts framework are urged to update their systems immediately following the discovery of a critical security flaw (CVE-2024-53677, CVSS 9.5) that could allow attac ... Read more
- Cybersecurity News
PoC Exploit Code Releases Cleo Zero-Day Vulnerability (CVE-2024-50623)
Organizations using Cleo file transfer software are urged to take immediate action as a critical vulnerability, CVE-2024-50623, is being actively exploited in the wild. This zero-day flaw affects Cleo ... Read more
- Cybersecurity News
BadRAM Vulnerability (CVE-2024-21944): Researchers Uncover Security Flaw in AMD SEV
A collaborative research effort has exposed a significant vulnerability, designated CVE-2024-21944 and named “BadRAM,” that undermines the integrity of AMD’s Secure Encrypted Virtualization (SEV) tech ... Read more
- Cybersecurity News
Zloader Trojan Employs Novel DNS Tunneling Protocol for Enhanced Evasion
Zloader, the modular Trojan with roots in the infamous Zeus malware, has once again evolved, presenting a new and sophisticated challenge to cybersecurity professionals. ThreatLabz, the security resea ... Read more
- Cybersecurity News
CVE-2024-11274: GitLab Vulnerability Exposes User Accounts
GitLab has issued an important security update addressing a range of vulnerabilities affecting multiple versions of its platform. The update, which includes versions 17.6.2, 17.5.4, and 17.4.6 for Com ... Read more
- Cybersecurity News
CVE-2024-53247: Splunk Secure Gateway App Vulnerability Allows Remote Code Execution
A critical vulnerability has been discovered in the Splunk Secure Gateway app that could allow a low-privileged user to execute arbitrary code on vulnerable systems. The vulnerability, identified as C ... Read more
- TheCyberThrone
AuthQuake vulnerability with Microsoft to Bypass MFA
Cybersecurity researchers at Oasis Security have discovered a significant vulnerability in Microsoft’s Multi-Factor Authentication (MFA) system, which they have named AuthQuake.This vulnerability allo ... Read more
- Cybersecurity News
CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach
The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national associated with Sichuan Silence Information Technology Co. Ltd., for his alleged role in ... Read more
- BleepingComputer
Hunk Companion WordPress plugin exploited to install vulnerable plugins
Hackers are exploiting a critical vulnerability in the "Hunk Companion" plugin to install and activate other plugins with exploitable flaws directly from the WordPress.org repository. By installing ou ... Read more