Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- BleepingComputer
Broadcom fixes critical RCE bug in VMware vCenter Server
Broadcom has fixed a critical VMware vCenter Server vulnerability that attackers can exploit to gain remote code execution on unpatched servers via a network packet. vCenter Server is the central mana ... Read more
- BleepingComputer
PKfail Secure Boot bypass remains a significant risk two months later
Roughly nine percent of tested firmware images use non-production cryptographic keys that are publicly known or leaked in data breaches, leaving many Secure Boot devices vulnerable to UEFI bootkit mal ... Read more
- The Cyber Express
Apple Urges Users to Install iOS 18 to Fix 33 iPhone Vulnerabilities
Apple has officially released iOS 18, which is the latest software update for iPhones and iPads. While the software introduces exciting new features, the most critical part of this update lies in its ... Read more
- The Hacker News
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum comp ... Read more
- Help Net Security
PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)
CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, but there may be more in ... Read more
- security.nl
Siri-lekken geven opnieuw toegang tot gegevens op vergrendelde iPhone
Kwetsbaarheden in Apples spraakassistent Siri maken het opnieuw mogelijk voor een aanvaller met fysieke toegang tot een vergrendelde iPhone om gevoelige informatie te stelen. Apple heeft beveiligingsu ... Read more
- TheCyberThrone
CISA KEV Update September 2024 -Part V
The US CISA adds two vulnerabilities to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitationThe first vulnerability tracked as CVE-2024-43461, Microsoft Windows MSH ... Read more
- The Hacker News
SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
Software Security / Data Protection SolarWinds has released fixes to address two security flaws in its Access Rights Manager (ARM) software, including a critical vulnerability that could result in rem ... Read more
- seclists.org
SEC Consult blog :: Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey (CVE-2024-38014) + msiscan tool release
Full Disclosure mailing list archives SEC Consult blog :: Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey (CVE-2024-38014) + msiscan tool release From: SEC Consult Vulnerabilit ... Read more
- seclists.org
APPLE-SA-09-16-2024-10 macOS Ventura 13.7
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 16 Sep 2024 18:16:06 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ... Read more