Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- Help Net Security
December 2024 Patch Tuesday forecast: The secure future initiative impact
December 2024 Patch Tuesday is now live: Microsoft fixes exploited zero-day (CVE-2024-49138) It seems like 2024 just started, but the final Patch Tuesday of the year is almost here! In retrospect, it ... Read more
- Cybersecurity News
Django Releases Patches for CVE-2024-53907 and CVE-2024-53908 to Mitigate DoS and SQLi Threats
The Django team has recently announced the release of Django 5.1.4, Django 5.0.10, and Django 4.2.17 to address two security vulnerabilities. All users are strongly encouraged to upgrade their Django ... Read more
- Cybersecurity News
CVE-2024-43222 (CVSS 9.8): Critical Flaw in Sweet Date WordPress Theme Exposes Thousands of Sites to Potential Takeovers
A critical vulnerability (CVE-2024-43222) has been identified in the Sweet Date WordPress theme, a popular premium theme with nearly 10,000 sales. This vulnerability carries a CVSS score of 9.8, indic ... Read more
- Cybersecurity News
Multiple Vulnerabilities in SonicWall SMA 100 Could Lead to Remote Code Execution
SonicWall has issued a security advisory regarding several vulnerabilities impacting its SMA 100 series SSL-VPN products. These flaws range from path traversal issues inherited from Apache HTTP Server ... Read more
- Cybersecurity News
CVE-2024-53990 (CVSS 9.2): AsyncHttpClient Vulnerability Puts Java Applications at Risk
A critical severity vulnerability (CVE-2024-53990) has been discovered in the AsyncHttpClient (AHC) library, a popular Java library used for making asynchronous HTTP requests. This vulnerability, with ... Read more
- Cybersecurity News
Black Basta Resurgence: Social Engineering Campaign Delivers Zbot, DarkGate, and Custom Malware
The notorious Black Basta ransomware group is back, employing sophisticated social engineering tactics and deploying advanced malware payloads in their latest campaign. According to a detailed analysi ... Read more
- The Register
Solana blockchain's popular web3.js npm package backdoored to steal keys, funds
Malware-poisoned versions of the widely used JavaScript library @solana/web3.js were distributed via the npm package registry, according to an advisory issued Wednesday by project maintainer Steven Lu ... Read more
- 0patch.com
URL File NTLM Hash Disclosure Vulnerability (0day) - and Free Micropatches for it
Our researchers discovered a vulnerability on all Windows Workstation and Server versions from Windows 7 and Server 2008 R2 to the latest Windows 11 v24H2 and Server 2022. The vulnerability allows an ... Read more
- Dark Reading
Bypass Bug Revives Critical N-Day in Mitel MiCollab
Source: Kristoffer Tripplaar via Alamy Stock PhotoTwo new vulnerabilities in Mitel's MiCollab unified communications and collaboration (UCC) platform could help expose gobs of enterprise data.MiCollab ... Read more
- security.nl
Exploit gepubliceerd voor overnemen Mitel MiCollab communicatieplatform
Een securitybedrijf heeft proof-of-concept exploitcode gepubliceerd waarmee Mitel MiCollab-servers zijn over te nemen. De exploit maakt gebruik van twee kwetsbaarheden. Voor één van de beveiligingslek ... Read more