Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
GitLab Issues Critical Security Patch for CVE-2024-6678 (CVSS 9.9), Urges Immediate Update
In a recent security advisory, GitLab announced the release of critical security patches for its Community Edition (CE) and Enterprise Edition (EE). The patches address several vulnerabilities, includ ... Read more
-
Cybersecurity News
CVE-2024-45409 (CVSS 10): Critical Ruby-SAML Flaw Leaves User Accounts Exposed
A critical security vulnerability, CVE-2024-45409, has been identified in the Ruby-SAML library, a widely used tool for implementing SAML (Security Assertion Markup Language) authorization on the clie ... Read more
-
Cybersecurity News
CosmicBeetle’s ScRansom Ransomware: A Growing Threat to European and Asian Businesses
Encryption scheme utilized by the latest ScRansom samples | Image: ESETIn a significant development tracked by ESET researchers, the threat actor known as CosmicBeetle has intensified its ransomware o ... Read more
-
Cybersecurity News
PAN-OS Vulnerabilities: Command Injection (CVE-2024-8686) and GlobalProtect Exposure (CVE-2024-8687)
Palo Alto Networks, a leading cybersecurity solutions provider, has recently released a critical security advisory, urging its customers to take immediate action to address several vulnerabilities dis ... Read more
-
TheCyberThrone
Ivanti fixes critical vulnerability in EPM -CVE-2024-29847
Ivanti fixed a critical vulnerability in its Endpoint Management software (EPM) that can let attackers achieve remote code execution on the core serverThe vulnerability tracked as CVE-2024-29847 with ... Read more
-
cloudsecurityalliance.org
Never Trust User Inputs—And AI Isn't an Exception: A Security-First Approach
Originally published by Tenable. Written by Rémy Marot. Artificial Intelligence (AI) is transforming industries and beginning to be widely adopted by software developers to build business applications ... Read more
-
Trend Micro
Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities
Summary Trend Micro researchers identified remote code execution attacks on WhatsUp Gold exploiting the Active Monitor PowerShell Script since August 30. These attacks possibly leveraged vulnerabiliti ... Read more
-
BleepingComputer
Adobe fixes Acrobat Reader zero-day with public PoC exploit
A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a public in-the-wild proof-of-concept exploit. T ... Read more
-
TheCyberThrone
Google patched several vulnerabilities in thrid minor upgrade to Chrome 128
Google has released a new Chrome 128 update that addresses five vulnerabilities, including four high-severity vulnerabilities reported by external researchers.The first vulnerability, tracked as CVE-2 ... Read more
-
security.nl
Ivanti Endpoint Manager via kritieke kwetsbaarheid op afstand over te nemen
Een kritieke kwetsbaarheid in Ivanti Endpoint Manager maakt het mogelijk voor ongeauthenticeerde aanvallers om servers op afstand over te nemen, wat grote gevolgen voor organisaties kan hebben. Ivanti ... Read more