Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
WordPress WPLMS and VibeBP Vulnerabilities
Two widely-used WordPress plugins, WPLMS and VibeBP, have recently been discovered with critical vulnerabilities. These vulnerabilities, if left unaddressed, could potentially expose websites to sever ... Read more
-
The Cyber Express
CISA Flags CVE-2021-44207 in Exploited Vulnerabilities Catalog: High Impact Alert
The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability, CVE-2021-44207, to its Known Exploited Vulnerabilities (KEV) Catalog. This action follows ... Read more
-
The Hacker News
Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks
The Apache Software Foundation (ASF) has released a security update to address an important vulnerability in its Tomcat server software that could result in remote code execution (RCE) under certain c ... Read more
-
TheCyberThrone
Zeroday Vulnerabilities Prevailed in 2024 Analysis-Part II
This is the continuation of Zeroday vulnerabilities in 2024. Let’s delve deeply into the continuation of zero-day vulnerabilities of 2024, providing a comprehensive analysis.1. CVE-2023-46805: Authen ... Read more
-
Cybersecurity News
PoC Exploit Released for CVE-2024-30085: Windows Elevation of Privilege Vulnerability
Security researcher Alex Birnberg with SSD Secure Disclosure published the technical details and a proof-of-concept (PoC) exploit code for CVE-2024-30085 – a Windows Cloud Files Mini Filter Driver Ele ... Read more
-
Cybersecurity News
CVE-2024-12828 (CVSS 9.9): Webmin Vulnerability Leaves a Million Servers Exposed to RCE
The popular web-based system administration tool, Webmin, has been found to harbor a critical security vulnerability (CVE-2024-12828) that could allow attackers to seize control of servers. With an es ... Read more
-
Cybersecurity News
CVE-2024-56334: Command Injection Flaw Exposes Millions of Node.js Systems to Attack
A severe command injection vulnerability (CVE-2024-56334) has been identified in the widely used Node.js system information package, which has over 8 million monthly downloads and a staggering 330 mil ... Read more
-
Cybersecurity News
CVE-2024-53552 (CVSS 9.8): CrushFTP Flaw Exposes Users to Account Takeover
CrushFTP, a popular file transfer server known for its robust features and user-friendly interface, has issued an urgent security advisory regarding a critical vulnerability that could lead to account ... Read more
-
Cybersecurity News
PoC Exploit Emerges for Adobe ColdFusion CVE-2024-53961—Apply Security Updates Now
Adobe has released urgent security updates to address a critical vulnerability in ColdFusion versions 2023 and 2021. This vulnerability, identified as CVE-2024-53961, could allow attackers to read arb ... Read more
-
Cybersecurity News
WikiKit Phishing Kit Targets Major Industries with Evasive Techniques
TRAC Labs recently unveiled a new phishing kit, named WikiKit, which is targeting industries across automotive, manufacturing, medical, and more. This sophisticated attack employs unique techniques to ... Read more