Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
macOS Vulnerability CVE-2024-54527 Unveiled: TCC Bypass PoC Exploit Code Released
A detailed technical and a proof-of-concept (PoC) exploit code from security researcher Mickey Jin has unveiled a critical TCC (Transparency, Consent, and Control) bypass vulnerability in macOS, CVE-2 ... Read more
-
Cybersecurity News
Mutiple Vulnerabilities Found in Palo Alto Networks Expedition Tool
Palo Alto Networks has issued a security advisory addressing multiple vulnerabilities in its Expedition migration tool, which could expose sensitive data and allow unauthorized actions on affected sys ... Read more
-
Cybersecurity News
GitLab Tackles Critical Security Flaws in Latest Patch Release
GitLab, the popular DevOps platform, has released a patch update addressing several security vulnerabilities affecting its import functionality and other core features. Versions 17.7.1, 17.6.3, and 17 ... Read more
-
Cybersecurity News
Apache OpenMeetings Users Urged to Patch Critical Flaw – CVE-2024-54676 (CVSS 9.8)
A critical security vulnerability (CVE-2024-54676, CVSS 9.8) has been discovered in Apache OpenMeetings, a popular open-source platform for video conferencing and online collaboration. The flaw could ... Read more
-
Cybersecurity News
MirrorFace: Unmasking the Chinese Cyber Espionage Group Targeting Japan
On January 8, 2025, the Japanese National Police Agency (NPA) issued a critical warning regarding ongoing cyberattacks attributed to the MirrorFace group, also known as “Earth Kasha.” Active since 201 ... Read more
-
Cybersecurity News
CVE-2024-54006 & CVE-2024-54007: Command Injection Flaws in HPE Aruba Devices, PoC Publicly Available
HPE Aruba Networking has issued a security advisory addressing multiple command injection vulnerabilities in its 501 Wireless Client Bridge. These flaws, tracked as CVE-2024-54006 and CVE-2024-54007, ... Read more
-
Cybersecurity News
CVE-2024-5594 (CVSS 9.1): Critical Vulnerability in OpenVPN Enables Code Execution
The open-source VPN software OpenVPN has patched three significant vulnerabilities in OpenVPN 2.6.11, released on June 21, 2024. While the initial announcement mentioned security fixes, the severity o ... Read more
-
Cybersecurity News
CVE-2024-46622 (CVSS 9.8): SecureAge Security Suite Patches Critical Privilege Escalation Flaw
SecureAge Technology has released updates to address a critical privilege escalation vulnerability in its SecureAge Security Suite. The vulnerability, tracked as CVE-2024-46622 and assigned a CVSS sco ... Read more
-
TheCyberThrone
CVE-2025-0282: Affecting Ivanti Products
OverviewCVE-2025-0282 is a critical stack-based buffer overflow vulnerability. It impacts Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Neurons for Zero Trust Access (ZTA) gateways. This vul ... Read more
-
Trend Micro
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities we ... Read more