Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- schneier.com
New Chrome Zero-Day
Blog Newsletter Books Essays News Talks Academic About Me HomeBlog New Chrome Zero-Day According to Microsoft researchers, North Korean hackers have been using a Chrome zero-day exploit to steal crypt ... Read more
- cert.pl
Vulnerabilities in MegaBIP software
CVE ID CVE-2024-6662 Publication date 10 September 2024 Vendor Jan Syski Product MegaBIP Vulnerable versions All before 5.15 Vulnerability type (CWE) Cross-Site Request Forgery (CSRF) (CWE-352) Report ... Read more
- BleepingComputer
NoName ransomware gang deploying RansomHub malware in recent attacks
The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomH ... Read more
- Cybersecurity News
Siemens Issues Critical Security Advisory for User Management Component (UMC) – CVE-2024-33698
Siemens, a global industrial automation giant, has disclosed a critical heap-based buffer overflow vulnerability in its User Management Component (UMC). The vulnerability, identified as CVE-2024-33698 ... Read more
- The Cyber Express
Don’t Delay: Patch LoadMaster Now to Avoid Exploitation
A security vulnerability, identified as CVE-2024-7591, has been disclosed affecting all versions of LoadMaster and the LoadMaster Multi-Tenant (MT) hypervisor. The LoadMaster vulnerability is critical ... Read more
- InfoSec Write-ups
A Story About How I Found CVE-2024–24919 in Sony’s HackerOne Program (and Ended Up Getting Swag)
Discovering CVE-2024–24919 in Sony’s Check Point Quantum GatewayAs a security researcher, I’m always on the lookout for vulnerabilities in systems, and this time, my journey led me to the Sony HackerO ... Read more
- InfoSec Write-ups
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…
During one of my bug bounty hunting sessions, I came across an interesting vulnerability: CVE-2021–42063. Let me walk you through how I found this bug and explain the steps I followed.To begin, I alwa ... Read more
- Help Net Security
Zyxel fixes critical command injection flaw in EOL NAS devices (CVE-2024-6342)
Users of Zyxel network-attached storage (NAS) devices are urged to implement hotfixes addressing a critical and easily exploited command injection vulnerability (CVE-2024-6342). About CVE-2024-6342 Zy ... Read more
- Cybersecurity News
CISA Alerts on Active Exploitation of Flaws in ImageMagick, Linux Kernel, and SonicWall
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding three actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The agency’ ... Read more
- Cybersecurity News
CVE-2024-6342: Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products
Zyxel has released critical hotfixes for two of its NAS products, NAS326 and NAS542, which have already reached their end-of-vulnerability-support lifecycle. These devices are susceptible to a command ... Read more