Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
HPE Insight Remote Support Hit with Critical Vulnerabilities, Urgent Patch Released
HPE has issued an urgent security bulletin addressing multiple critical vulnerabilities discovered in its Insight Remote Support service. These flaws could allow attackers to gain unauthorized access ... Read more
-
Cybersecurity News
Jenkins Users Beware: Multiple Security Vulnerabilities Discovered
Jenkins, the widely-used open-source automation server, has issued a security advisory addressing multiple vulnerabilities impacting both its core system and associated plugins. These flaws, ranging f ... Read more
-
Cybersecurity News
XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices
NSFOCUS has identified a resurgence of the XorBot botnet, a potent threat to Internet of Things (IoT) devices worldwide. First observed in late 2023, XorBot has evolved significantly, introducing adva ... Read more
-
Cybersecurity News
SMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware Campaigns
A comprehensive analysis by TRAC Labs has shed light on the SMOKEDHAM backdoor, a malicious tool leveraged by the financially motivated threat actor UNC2465. Active since 2019, SMOKEDHAM plays a centr ... Read more
-
The Register
Salt Typhoon's surge extends far beyond US telcos
The reach of the China-linked Salt Typhoon gang extends beyond telecommunications giants in the United States, and its arsenal includes several backdoors – including a brand-new malware dubbed GhostSp ... Read more
-
BleepingComputer
Microsoft re-releases Exchange updates after fixing mail delivery
Microsoft has re-released the November 2024 security updates for Exchange Server after pulling them earlier this month due to email delivery issues on servers using custom mail flow rules. The compan ... Read more
-
BleepingComputer
Hackers exploit ProjectSend flaw to backdoor exposed servers
Threat actors are using public exploits for a critical authentication bypass flaw in ProjectSend to upload webshells and gain remote access to servers. The flaw, tracked as CVE-2024-11680, is a critic ... Read more
-
seclists.org
SEC Consult SA-20241127-0 :: Stored Cross-Site Scripting in Omada Identity (CVE-2024-52951)
Full Disclosure mailing list archives SEC Consult SA-20241127-0 :: Stored Cross-Site Scripting in Omada Identity (CVE-2024-52951) From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure ... Read more
-
seclists.org
SEC Consult SA-20241125-0 :: Unlocked JTAG interface and buffer overflow in Siemens SM-2558 Protocol Element, Siemens CP-2016 & CP-2019
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 25 Nov 2024 08:32:17 +0000 SEC Consult Vulnerability Lab Securi ... Read more
-
seclists.org
Re: Local Privilege Escalations in needrestart
Qualys Security Advisory LPEs in needrestart (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003) ====================================================================== ... Read more