Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
66,000 DrayTek Gateways Vulnerable to Remote Command Injection (CVE-2024-12987), PoC Published
Security researcher Netsecfish has discovered a command injection vulnerability, tracked as CVE-2024-12987, in the web management interface of popular DrayTek gateway devices. This flaw could enable a ... Read more
-
Cybersecurity News
Stealthy UEFI Bootkit Targets Windows Kernel, Raising Security Concerns
Security researchers NSG650 and Pdawg have unveiled a proof-of-concept UEFI bootkit that exploits a critical firmware function to compromise the Windows kernel during the boot process. This bootkit de ... Read more
-
Cybersecurity News
IBM’s HashiCorp Acquisition Under Scrutiny: CMA Investigates Competition Concerns
The United Kingdom’s Competition and Markets Authority (CMA) recently announced that it would launch an investigation into IBM’s $6.4 billion acquisition of HashiCorp, a software company specializing ... Read more
-
huntress.com
2024: Revisiting a Year in Threats | Huntress
Before you pop the bubbly and count down to a new year, let’s reminisce for a moment. Looking back on the past 365 days, it was clear cybercriminals had no intention of slowing down. But neither did w ... Read more
-
BleepingComputer
US Treasury Department breached through remote support platform
Chinese state-sponsored threat actors hacked the U.S. Treasury Department after breaching a remote support platform used by the federal agency. In a letter sent to lawmakers and seen by the New York T ... Read more
-
BleepingComputer
Hackers exploit Four-Faith router flaw to open reverse shells
Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. The malicious ac ... Read more
-
The Hacker News
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips
Cybersecurity / Hacking News Every week, the digital world faces new challenges and changes. Hackers are always finding new ways to breach systems, while defenders work hard to keep our data safe. Whe ... Read more
-
The Cyber Express
Microsoft, Ivanti, and More: 2024 KEV Catalog Highlights Vendor Vulnerabilities
In 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) continued to build on its critical cybersecurity initiative by expanding its Known Exploited Vulnerabilities (KEV) catalog. Th ... Read more
-
TheCyberThrone
CVE-2024-56512 impacts Apache NiFi
CVE-2024-56512 is a security vulnerability identified in Apache NiFi, specifically affecting versions 1.10.0 through 2.0.0. This vulnerability is due to missing fine-grained authorization checks when ... Read more
-
cert.pl
Vulnerability in Infinix Mobile Weather application
CVE ID CVE-2024-12993 Publication date 30 December 2024 Vendor Infinix Mobile Product com.rlk.weathers Vulnerable versions 7.0.0.037 Vulnerability type (CWE) Exposure of Sensitive System Information t ... Read more