Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
objective-see.org
Rootpipe Reborn (Part II)
Rootpipe Reborn (Part II) CVE-2019-8565 feedback assistant race condition, leads to root April 22, 2019 In this guest blog post, the talented @CodeColorist writes about yet another neat macOS vulnerab ... Read more
-
objective-see.org
Sniffing Authentication References on macOS
Sniffing Authentication References on macOS details of a privilege-escalation vulnerability (CVE-2017-7170) by: Patrick Wardle / March 16, 2020 Our research, tools, and writing, are supported by the " ... Read more
-
TheCyberThrone
Progress fixes Critical Vulnerability in Telerik -CVE-2024-6327
Progress Software’s has fixed two vulnerabilities in Telerik Reporting tools that could lead to full system compromise and allow attackers to remotely execute code or inject malicious objects into aff ... Read more
-
Help Net Security
Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, allowing them to perform unaut ... Read more
-
Cyber Security News
6600+ Vulnerable GeoServer instances Exposed to the Internet
Security analysts have identified 6,635 GeoServer instances exposed to the Internet, which makes them vulnerable to critical remote code execution (RCE) attacks. A recent tweet from the Shadowserver F ... Read more
-
Cyber Security News
Progress Telerik Report Server Flaw Let Attackers Execute Remote Code
A critical security vulnerability has been discovered in the Progress® Telerik® Report Server, potentially allowing attackers to execute remote code on affected systems. The flaw, identified as CVE-20 ... Read more
-
Cyber Security News
GitLab Patched XSS Vulnerability that Lets Attackers to Execute Arbitrary Code
GitLab has released new Community Edition (CE) and Enterprise Edition (EE) versions to address multiple vulnerabilities. Among these, a high-severity cross-site scripting (XSS) vulnerability has garne ... Read more
-
The Hacker News
Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
Container Security / Vulnerability Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specifi ... Read more
-
TheCyberThrone
Microsoft SmartScreen bug exploited in an infostealer campaign
Researchers have uncovered an info stealer campaign targeting Microsoft Windows users. This campaign exploits a known vulnerability to bypass security measures and steal sensitive data.The vulnerabili ... Read more
-
Cyber Security News
BIND DNS Vulnerability Lets Attackers Flood Server With DNS Messages
The Internet Systems Consortium (ISC) has released critical security advisories addressing multiple vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 software, a cornerstone of the Domain ... Read more