Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
WorkflowKit Race Vulnerability (CVE-2024-27821): Researcher Reveals Exploit that Let Malicious Apps Hijack Shortcuts
Security researcher Snoolie K has published an in-depth analysis of a significant security flaw in WorkflowKit, which has been assigned CVE-2024-27821. This vulnerability, dubbed the “WorkflowKit Race ... Read more
-
Cybersecurity News
FrostyGoop: New ICS Malware Exploits Modbus TCP Protocol
Recently, Palo Alto Networks has released an in-depth analysis of FrostyGoop, also known as BUSTLEBERM, a sophisticated malware targeting operational technology (OT). This malware gained attention in ... Read more
-
Cybersecurity News
New Attack Vector: Misconfigured Jupyter Servers Targeted for Illegal Streaming
Aqua Nautilus security researchers have uncovered a novel attack vector where threat actors exploit misconfigured servers, particularly JupyterLab and Jupyter Notebook environments, to hijack computin ... Read more
-
Cybersecurity News
Critical Vulnerability in D-Link EOL Routers Allows Remote Code Execution
D-Link has issued a security announcement concerning several End-of-Life (EOL) and End-of-Service (EOS) router models, including the DSR-150, DSR-150N, DSR-250, and DSR-250N. The advisory highlights a ... Read more
-
huntress.com
You Can Run, But You Can’t Hide: Defender Exclusions | Huntress
The endpoint team at Huntress is focused on providing telemetry and protections around real adversary threats. One thing we've noticed that's often overlooked is adversaries leveraging Microsoft Defen ... Read more
-
TheCyberThrone
CISA adds VMware twin flaws to KEV Catalog
The US CISA has added VMware vulnerabilities to its Known Exploited Vulnerability Catalog based on the evidence of active exploitation. A detailed write-up about these vulnerabilities has been already ... Read more
-
BleepingComputer
Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced over 10 years ago in version 21.04. The flaws were disc ... Read more
-
TheCyberThrone
Apple addressed twin flaws with an emergency patch release
Apple has released security patches to address vulnerabilities in its products that are being actively exploited by cybercriminalsThe first vulnerability tracked as CVE-2024-44308 stems in the JavaScr ... Read more
-
The Register
Google's AI bug hunters sniff out two dozen-plus code gremlins that humans missed
Google's OSS-Fuzz project, which uses large language models (LLMs) to help find bugs in code repositories, has now helped identify 26 vulnerabilities, including a critical flaw in the widely used Open ... Read more
-
Google Online Security Blog
Leveling Up Fuzzing: Finding more vulnerabilities with AI
Recently, OSS-Fuzz reported 26 new vulnerabilities to open source project maintainers, including one vulnerability in the critical OpenSSL library (CVE-2024-9143) that underpins much of internet infra ... Read more