Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Hackers Actively Exploiting GeoServer RCE Flaw, 6635 Servers Vulnerable
A critical vulnerability in GeoServer, an open-source Java-based software server, has put thousands of servers at risk. The flaw, CVE-2024-36401, allows unauthenticated users to execute remote code, p ... Read more
-
TheCyberThrone
Google fixes critical vulnerability CVE-2024-6990 in Chrome
Google has released the latest security update for its Chrome browser, addressing several critical vulnerabilities.The latest advisory includes three significant security fixes, two classified as high ... Read more
-
Cyber Security News
Multiple SMTP Servers Vulnerable to Spoofing Attacks, Hackers Bypassing Authentication
A recent discovery has unveiled vulnerabilities in multiple hosted, outbound SMTP servers, allowing authenticated users and certain trusted networks to send emails with spoofed sender information. The ... Read more
-
Cyber Security News
Google Patched Critical Chrome Vulnerability Leads to Browser Crash
Google has rolled out a critical security update for its Chrome browser, addressing a severe flaw that could lead to browser crashes. The update, now available on the Stable channel, brings Chrome to ... Read more
-
TheCyberThrone
CISA adds CVE-2024-37085 to its KEV catalog
The U.S. CISA added an authentication bypass VMware ESXi vulnerability, tracked as CVE-2024-37085 with a CVSS score of 6.8, to its Known Exploited Vulnerabilities (KEV) catalog.The flaw is an authenti ... Read more
-
TheCyberThrone
MOVEit fixes High Severity Vulnerability -CVE-2024-6576
Progress Software has warned customers about a new high-severity vulnerability that could allow attackers to escalate privileges within the system.The vulnerability tracked as CVE-2024-6576 with a CVS ... Read more
-
Zero Day Initiative
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 1
The number of link following vulnerabilities submitted to the Trend Micro ZDI program has been increasing rapidly over the past several years. These submissions have provided us with insight into how ... Read more
-
cert.pl
Vulnerability in Stackposts Social Marketing Tool software
CVE ID CVE-2024-7127 Publication date 30 July 2024 Vendor Stackposts Product Social Marketing Tool Vulnerable versions All Vulnerability type (CWE) Improper Neutralization of Input During Web Page Gen ... Read more
-
Cyber Security News
New MOVEit File Transfer Vulnerability Let Attackers Escalate Privileges
Progress Software has disclosed a new high-severity vulnerability in its MOVEit Transfer file transfer solution that could allow attackers to escalate privileges through improper authentication. The v ... Read more
-
Help Net Security
VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)
Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full administrative access to ... Read more