Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- Cybersecurity News
CVE-2024-47578 (CVSS 9.1): SAP Issues Critical Patch for NetWeaver AS for JAVA
SAP’s latest Security Patch Day, released today, detailed 10 new Security Notes alongside updates to three previously released notes. Among the newly disclosed vulnerabilities, multiple critical and h ... Read more
- Cybersecurity News
CVE-2024-50623: Critical Vulnerability in Cleo Software Actively Exploited in the Wild
Huntress Labs has raised the alarm over the active exploitation of a critical vulnerability (CVE-2024-50623) in Cleo’s Harmony, VLTrader, and LexiCom software, commonly used for managing file transfer ... Read more
- Cybersecurity News
CVE-2024-54143: Critical Vulnerability in OpenWrt’s Attended SysUpgrade Server Allows for Firmware Poisoning
OpenWrt, a popular open-source operating system for embedded devices, has disclosed a critical vulnerability (CVE-2024-54143) that could allow attackers to compromise the integrity of firmware updates ... Read more
- Cybersecurity News
CVE-2024-11205: WPForms Plugin Vulnerability Impacts 6 Million WordPress Sites
A critical vulnerability (CVE-2024-11205) discovered in WPForms, a prevalent WordPress form builder plugin with over 6 million active installations, exposed websites to significant financial risk. The ... Read more
- Cybersecurity News
CVE-2024-12254: CPython Flaw Could Lead to Memory Exhaustion in asyncio Applications
A high-severity vulnerability (CVE-2024-12254) has been discovered in CPython, the reference implementation of the Python programming language. This vulnerability, with a CVSSv4 score of 8.7, affects ... Read more
- Dark Reading
Microsoft NTLM Zero-Day to Remain Unpatched Until April
Source: QINQIE99 via ShutterstockMicrosoft has released fresh guidance to organizations on how to mitigate NTLM relay attacks by default, days after researchers reported finding a NTLM hash disclosure ... Read more
- BleepingComputer
OpenWrt Sysupgrade flaw let hackers push malicious firmware images
A flaw in OpenWrt's Attended Sysupgrade feature used to build custom, on-demand firmware images could have allowed for the distribution of malicious firmware packages. OpenWrt is a highly customizable ... Read more
- Help Net Security
Update your OpenWrt router! Security issue made supply chain attack possible
A security issue that could have allowed attackers to serve malicious firmware images to users has been fixed by OpenWrt Project, the organization that helms the development of the popular Linux distr ... Read more
- The Register
OpenWrt orders router firmware updates after supply chain attack scare
OpenWrt users should upgrade their images to the same version to protect themselves from a possible supply chain attack reported to the open source Wi-Fi router project last week. Paul Spooren, develo ... Read more
- The Hacker News
⚡ THN Recap: Top Cybersecurity Threats, Tools and Tips (Dec 2 - 8)
Cyber Threats / Weekly Recap This week's cyber world is like a big spy movie. Hackers are breaking into other hackers' setups, sneaky malware is hiding in popular software, and AI-powered scams are tr ... Read more