Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- Cybersecurity News
Threat Actors Exploiting Misconfigured Docker Remote API Servers with Gafgyt Malware
Trend Micro Research has revealed a significant evolution in the behavior of the Gafgyt malware (also known as Bashlite or Lizkebab), which is now targeting misconfigured Docker Remote API servers. Th ... Read more
- Cybersecurity News
Google Chrome Addresses High-Severity Flaw in V8 JavaScript Engine (CVE-2024-12053)
Google has released a security update for its Chrome web browser to mitigate a high-severity “type confusion” vulnerability (CVE-2024-12053) residing within the V8 JavaScript engine. This vulnerabilit ... Read more
- Cybersecurity News
Protect Your Network: Zyxel Issues Firmware Updates
Zyxel Networks has released firmware updates to address multiple vulnerabilities affecting a range of its networking products, including 4G LTE/5G NR CPEs, DSL/Ethernet CPEs, fiber ONTs, and WiFi exte ... Read more
- TheCyberThrone
CISA KEV Catalog Update Part I – December 2024
The US CISA has added the below vulnerabilities to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation.CVE-2023-45727 Tracked as CWE-611, North Grid Proself Enterp ... Read more
- Trend Micro
The Road to Agentic AI: Exposed Foundations
Report highlights: Retrieval augmented generation (RAG) enables enterprises to build customized, efficient, and cost-effective applications based on private data. However, research reveals significant ... Read more
- The Register
Perfect 10 directory traversal vuln hits SailPoint's IAM solution
Updated It's time to rev up those patch engines after SailPoint disclosed a perfect 10/10 severity vulnerability in its identity and access management (IAM) platform IdentityIQ. The bug is not attache ... Read more
- Dark Reading
Decade-Old Cisco Vulnerability Under Active Exploit
Source: Kristoffer Tripplaar via Alamy Stock PhotoNEWS BRIEFCisco is warning customers of a security vulnerability impacting its Adaptive Security Appliance (ASA) that is actively being exploited by t ... Read more
- BleepingComputer
Exploit released for critical WhatsUp Gold RCE flaw, patch now
A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it critical to install the latest security updates as soon as po ... Read more
- BleepingComputer
Veeam warns of critical RCE bug in Service Provider Console
Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE) discovered during internal testing. VSPC, descri ... Read more
- Help Net Security
Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)
Veeam has fixed two vulnerabilities in Veeam Service Provider Console (VSPC), one of which (CVE-2024-42448) may allow remote attackers to achieve code exection on the VSPC server machine. The vulnerab ... Read more