Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- Cybersecurity News
Critical Vulnerabilities in Kakadu JPEG 2000 Library Expose Systems to Remote Attacks
Image: CVRResearchers from the Google Chrome Vulnerability Rewards (CVR) team have identified a series of critical vulnerabilities within the Kakadu image library, a widely deployed software component ... Read more
- security.nl
Adobe dicht Acrobat-lek waarvoor al maanden poc-exploitcode bestaat
Adobe heeft een kritieke kwetsbaarheid Acrobat en Acrobat Reader verholpen waarvoor al maandenlang proof-of-concept (poc) exploitcode beschikbaar is. Het softwarebedrijf is echter niet bekend met misb ... Read more
- Dark Reading
Amateurish 'CosmicBeetle' Ransomware Stings SMBs in Turkey
Source: Mark Brandon via ShutterstockA cybercriminal group — or individual — known as "CosmicBeetle" is exploiting vulnerabilities in technologies used by small businesses in Turkey, as well as Spain, ... Read more
- Cybersecurity News
Cisco Issues Security Advisories: Critical Vulnerabilities Impact Multiple Products
Cisco Systems has released a series of urgent security advisories, revealing a total of nine vulnerabilities affecting various products, including Cisco IOS XR Software, Crosswork Network Services Orc ... Read more
- Cybersecurity News
CVE-2024-8522 (CVSS 10): LearnPress SQLi Flaw Leaves 90K+ WordPress Sites at Risk
A critical SQL injection vulnerability has been discovered in LearnPress, a popular WordPress plugin used to create and manage online courses. The flaw, tracked as CVE-2024-8522, carries a maximum CVS ... Read more
- seclists.org
CVE-2024-25286 - RedSys - A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Authorization Method of 3DSecure 2.0
Full Disclosure mailing list archives CVE-2024-25286 - RedSys - A Cross-Site Request Forgery (CSRF) vulnerability was identified in the Authorization Method of 3DSecure 2.0 From: RUBEN LOPEZ HERRERA < ... Read more
- seclists.org
CVE-2024-25285 - RedSys - 3DSecure 2.0 is vulnerable to form action hijacking
Full Disclosure mailing list archives CVE-2024-25285 - RedSys - 3DSecure 2.0 is vulnerable to form action hijacking From: RUBEN LOPEZ HERRERA <ruben.lopezherrera () telefonica com> Date: Tue, 10 Sep 2 ... Read more
- seclists.org
CVE-2024-25284 - RedSys - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities in the 3DS Authorization Method of 3DSecure 2.0
Full Disclosure mailing list archives CVE-2024-25284 - RedSys - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities in the 3DS Authorization Method of 3DSecure 2.0 From: RUBEN LOPEZ HERRERA ... Read more
- seclists.org
CVE-2024-25283 - RedSys - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities exist in the 3DS Authorization Challenge of 3DSecure 2.0
Full Disclosure mailing list archives CVE-2024-25283 - RedSys - Multiple reflected Cross-Site Scripting (XSS) vulnerabilities exist in the 3DS Authorization Challenge of 3DSecure 2.0 From: RUBEN LOPEZ ... Read more
- seclists.org
CVE-2024-25282 - RedSys - 3DSecure 2.0 is vulnerable to Cross-Site Scripting (XSS) in its 3DSMethod Authentication
Full Disclosure mailing list archives CVE-2024-25282 - RedSys - 3DSecure 2.0 is vulnerable to Cross-Site Scripting (XSS) in its 3DSMethod Authentication From: RUBEN LOPEZ HERRERA <ruben.lopezherrera ( ... Read more