Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
Vulnerability / IoT Security A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into ... Read more
-
Help Net Security
89% of AI-powered APIs rely on insecure authentication mechanisms
APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks, according to Wallarm. “Based on our findings, what is clear is that API ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
The Register
Wacom says crooks probably swiped customer credit cards from its online checkout
Graphics tablet maker Wacom has warned customers their credit card details may well have been stolen by miscreants while they were buying stuff from its website. We're told people's payment informatio ... Read more
-
TheCyberThrone
CISA adds Apple vulnerability CVE-2025-24085 to KEV Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.CVE-2025-24085 Apple Multiple Products Use-After-Free VulnerabilityCVE-202 ... Read more
-
seclists.org
Quorum onQ OS - 6.0.0.5.2064 | Reflected Cross Site Scripting (XSS) | CVE-2024-44449
Full Disclosure mailing list archives From: Shaikh Shahnawaz <sshahnawaz99910 () gmail com> Date: Tue, 28 Jan 2025 13:43:53 +0400 [+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defens ... Read more
-
BleepingComputer
New Aquabotv3 botnet malware targets Mitel command injection flaw
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. The activity was discovered by Akam ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more
-
Dark Reading
PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next?
Source: Mashka via ShutterstockThe 2021 PrintNightmare vulnerability exposed multiple deep-rooted security flaws in Microsoft's Print Spooler service, a core Windows component. The flaws, which had pe ... Read more