Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Grafana Vulnerability CVE-2024-9264: PoC Exploit Released for 9.9-Rated Critical Flaw
The researcher published the technical details and proof-of-concept (PoC) exploit code for CVE-2024-9264 – a critical vulnerability in Grafana—an open-source, multi-platform analytics, and visualizati ... Read more
-
The Cyber Express
IoT Vulnerabilities Exposed: Philips Smart Bulbs Pose Risks to Home Wi-Fi Security
In an era where the Internet of Things (IoT) promises convenience and efficiency, the rapid adoption of smart home technology comes with hidden security risks. From smart fridges to light bulbs, IoT d ... Read more
-
The Hacker News
Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel
A new attack technique could be used to bypass Microsoft's Driver Signature Enforcement (DSE) on fully patched Windows systems, leading to operating system (OS) downgrade attacks. "This bypass allows ... Read more
-
Cybersecurity News
Synology Fixes Critical Vulnerabilities in Synology Photos and BeePhotos After Pwn2Own Exposure
Synology has released security updates to address critical vulnerabilities in Synology Photos and BeePhotos, its photo management applications for network-attached storage (NAS), and personal cloud st ... Read more
-
Cybersecurity News
CVE-2022-45157 (CVSS 9.1): Critical Security Flaw in Rancher Exposes vSphere Credentials in Plaintext
Image: SUSEThe SUSE Rancher Security team has recently issued a high-severity advisory, CVE-2022-45157, warning users of a critical vulnerability affecting Rancher’s handling of vSphere’s Cloud Provid ... Read more
-
Cybersecurity News
Researcher Details CVE-2024-38812 (CVSS 9.8): Critical RCE Flaw in VMware vCenter
The SonicWall Capture Labs Threat Research Team has published an in-depth analysis of CVE-2024-38812, a critical heap-overflow vulnerability found in VMware vCenter Server. This vulnerability affects ... Read more
-
Cybersecurity News
WhatsUp Gold Users Beware: Critical Authentication Bypass Flaw Exposed – CVE-2024-7763 (CVSS 9.8)
Progress Software has disclosed a severe new vulnerability in its popular network monitoring solution, WhatsUp Gold, that exposes organizations to potential cyberattacks by allowing unauthorized acces ... Read more
-
Cybersecurity News
Healthcare Under Fire: HeptaX Campaign Steals and Manipulates Sensitive Data
Infection chain | Image: CRILCyble Research and Intelligence Labs (CRIL) has recently uncovered a covert and sophisticated cyberespionage campaign dubbed “HeptaX,” which exploits Remote Desktop Protoc ... Read more
-
TheCyberThrone
Siemens fixes Critical Vulnerability CVE-2024-47901
Siemens has released patches for multiple vulnerabilities in its InterMesh wireless alarm reporting system that could allow an unauthenticated, remote attacker to execute arbitrary code with root priv ... Read more
-
InfoSec Write-ups
CVE-2024–25600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTY
Overview:The CVE-2024–25600 vulnerability is a high-severity flaw in the Bricks Builder plugin for WordPress, disclosed on February 26, 2024. It allows unauthenticated remote code execution (RCE), per ... Read more