Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cloudflare Blog
Resolving a Mutual TLS session resumption vulnerability
2025-02-075 min readOn January 23, 2025, Cloudflare was notified via its Bug Bounty Program of a vulnerability in Cloudflare’s Mutual TLS (mTLS) implementation. The vulnerability affected customers wh ... Read more
-
BleepingComputer
Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers
Software vendor Trimble is warning that hackers are exploiting a Cityworks deserialization vulnerability to remotely execute commands on IIS servers and deploy Cobalt Strike beacons for initial networ ... Read more
-
0patch.com
Micropatches Released for Active Directory Certificate Services Elevation of Privilege Vulnerability (CVE-2024-49019)
November 2024 Windows updates brought a fix for CVE-2024-49019, a privilege escalation vulnerability allowing, under specific conditions, a domain user to create a certificate for another domain user, ... Read more
-
The Register
UK Home Office silent on alleged Apple backdoor order
The UK's Home Office refuses to either confirm or deny reports that it recently ordered Apple to create a backdoor allowing the government to access any user's cloud data. Such a mechanism would enabl ... Read more
-
0patch.com
Micropatches Released for Windows OLE Remote Code Execution (CVE-2025-21298)
January 2025 Windows updates brought a fix for CVE-2025-21298, a memory corruption issue in Windows OLE data processing that can be exploited by a malicious Word document or a malicious email read in ... Read more
-
The Hacker News
CISA Warns of Active Exploitation in Trimble Cityworks Vulnerability Leading to IIS RCE
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that a security flaw impacting Trimble Cityworks GIS-centric asset management software has come under active exploitation in ... Read more
-
The Hacker News
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks
Cloud Security / Web Security Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible resources, the ... Read more
-
TheCyberThrone
CVE-2025-0994 affects Trimble Cityworks
CVE-2025-0994 is a serious security vulnerability affecting Trimble Cityworks versions prior to 15.8.9 and Cityworks with office companion versions prior to 23.10. This vulnerability can lead to remot ... Read more
-
security.nl
Trimble Cityworks-lek actief gebruikt voor overnemen Microsoft IIS-servers
Aanvallers maken actief misbruik van een kwetsbaarheid in Trimble Cityworks voor het overnemen van Microsoft Internet Information Services (IIS) webservers. Trimble Cityworks is een 'asset managements ... Read more
-
security.nl
Kritiek Microsoft Outlook-lek actief misbruikt bij aanvallen waarschuwt VS
Aanvallers maken actief misbruik van een kritieke kwetsbaarheid in Microsoft Outlook waardoor remote code execution mogelijk is, zo waarschuwt het Cybersecurity and Infrastructure Security Agency (CIS ... Read more