Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
Critical Flaw in Oracle Agile PLM Framework Exposes Sensitive Data: Patch Now
Oracle’s Agile Product Lifecycle Management (PLM) software has been flagged for a security vulnerability (CVE-2024-21287) by CERT-In (Computer Emergency Response Team – India). The vulnerability, cata ... Read more
-
Cybersecurity News
CVE-2024-42330 (CVSS 9.1): Zabbix Patches Critical Remote Code Execution Vulnerability
Popular open-source monitoring tool Zabbix has released urgent security updates to address a critical vulnerability that could allow attackers to execute arbitrary code on vulnerable systems. The vuln ... Read more
-
TheCyberThrone
Salt Typhoon Emergence and T-Mobile Cyber Incident
Salt Typhoon, a Chinese threat actor also known by aliases such as Earth Estries, FamousSparrow, GhostEmperor, and UNC2286, has been conducting cyber-espionage activities against high-value government ... Read more
-
InfoSec Write-ups
The Story of Finding CVE-2014–4210 in a Private Program
In the realm of cybersecurity, vulnerabilities often remain hidden until they are actively sought out. My journey into discovering CVE-2014–4210 began during a routine security assessment of a private ... Read more
-
HOW I HACKED BILLION ANDROID USERS SOCIAL AND 3rd PARTY ACCOUNT | A STORY ABOUT 5000$ BUG |…
In this blog, I will explain the process of how I discovered a vulnerability that triggers the mobile application which in turn allows me to take over multiple accounts.DEEPLINKDeep links are a type o ... Read more
-
TheCyberThrone
Nvidia fixed CVE-2024-0130 in UFM Enterprise
NVIDIA has patched a high-severity vulnerability affecting its UFM Enterprise, UFM Appliance, and UFM CyberAI products. could allow an attacker to gain escalated privileges, tamper with data, deny ser ... Read more
-
TheCyberThrone
Jenkins fixes multiple vulnerabilities
Jenkins has addressed multiple vulnerabilities impacting both its core system and associated plugins. These flaws, ranging from denial of service to cross-site scripting, pose significant risks to Jen ... Read more
-
Cybersecurity News
CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix
Zabbix, a popular open-source IT infrastructure monitoring tool used by organizations worldwide, has been found to contain a critical SQL injection vulnerability (CVE-2024-42327) with a CVSS score of ... Read more
-
Cybersecurity News
35 Million Devices Vulnerable: Matrix DDoS Campaign Highlights Growing IoT Threat
Aqua Nautilus researchers have uncovered a major Distributed Denial-of-Service (DDoS) campaign led by a threat actor operating under the name Matrix. This operation, detected through honeypot activiti ... Read more
-
Cybersecurity News
Elpaco Ransomware: A New Threat Actor Leverages CVE-2020-1472 for Global Attacks
Kaspersky Labs has unveiled a sophisticated new ransomware variant named Elpaco, which has emerged as an evolution of the Mimic ransomware family. This advanced malware exhibits a plethora of customiz ... Read more