Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerabilities in CDeX software
CVE ID CVE-2024-2463 Publication date 21 March 2024 Vendor CDeX PSA Product CDeX Vulnerable versions through 5.71 Vulnerability type (CWE) Weak Password Recovery Mechanism for Forgotten Password (CWE- ... Read more
-
Trend Micro
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
On March 4, 2024, JetBrains disclosed two critical vulnerabilities — CVE-2024-27198 and CVE-2024-27199 — within the TeamCity On-Premises platform that allow attackers to bypass authentication measures ... Read more
-
Trend Micro
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
Exploits & Vulnerabilities Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897. Jenkins, a popular open-source automation serve ... Read more
-
cert.pl
Vulnerabilities in BMC Control-M software
CVE ID CVE-2024-1604 Publication date 18 March 2024 Vendor BMC Product Control-M Vulnerable versions from 9.0.20 before 9.0.20.238, from 9.0.21 before 9.0.21.201 Vulnerability type (CWE) Incorrect Aut ... Read more
-
0patch.com
Micropatches Released for Microsoft Outlook "MonikerLink" Remote Code Execution Vulnerability (CVE-2024-21413)
Update 7/31/2024: Additional exploitation variants for this vulnerability were subsequently discovered. Consequently, original micropatches were revoked and new micropatches issued to cover these new ... Read more
-
Zero Day Initiative
CVE-2023-36049: Microsoft .NET CRLF Injection Arbitrary File Write/Deletion Vulnerability
None ... Read more
-
NVISO Labs
Covert TLS n-day backdoors: SparkCockpit & SparkTar
In early 2024, Ivanti’s Pulse Secure appliances suffered from wide-spread exploitation through the then reported vulnerabilities CVE-2023-46805 & CVE-2024-21887. Amongst the many victims, a critical-s ... Read more
-
osintme.com
Examples of recent attacks against my website
“The Wordfence Web Application Firewall has blocked 467 attacks over the last 10 minutes. Wordfence is blocking these attacks, and we’re sending this notice to make you aware that there is a higher vo ... Read more
-
cert.pl
Vulnerability in Laragon software
CVE ID CVE-2024-0864 Publication date 29 February 2024 Vendor Leo Khoa Product Laragon Vulnerable versions All Vulnerability type (CWE) Improper Input Validation (CWE-20) Report source Own research De ... Read more
-
0patch.com
Micropatches Released for Microsoft Outlook Information Disclosure Vulnerability (CVE-2023-35636)
In December 2023, still-Supported Microsoft Outlook versions got an official patch for CVE-2023-35636, a vulnerability that allowed an attacker to coerce user's Outlook to authenticate to attacker's r ... Read more