Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
AI Red Teaming in Focus: Why CISA Advocates a Secure by Design Approach
Artificial Intelligence (AI) has become a critical enabler across sectors, reshaping industries from healthcare to transportation. However, with its transformative potential comes a spectrum of safety ... Read more
-
Cybersecurity News
CVE-2024-0130: NVIDIA Patches High-Severity Vulnerability in UFM Products
NVIDIA has recently released a firmware update to address a high-severity vulnerability affecting its UFM Enterprise, UFM Appliance, and UFM CyberAI products. The vulnerability, identified as CVE-2024 ... Read more
-
Cybersecurity News
RomCom Exploits Zero-Days in Firefox (CVE-2024-9680) & Windows (CVE-2024-49039) with No User Interaction
Exploit chain to compromise the victim | Image: ESETIn a recent cybersecurity report, ESET researchers have unveiled a coordinated attack by the Russia-aligned threat actor RomCom, exploiting zero-day ... Read more
-
Cybersecurity News
macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published
Image: GergelySecurity researcher Gergely Kalman has detailed a high-severity vulnerability in Apple’s MallocStackLogging framework that could allow attackers to gain local privilege escalation (LPE) ... Read more
-
TheCyberThrone
Russian RomCom exploiting twin bugs
Security researchers at ESET have uncovered an attack chain that exploitis multiple vulnerabilities to deploy the RomCom backdoor without requiring any user interaction.RomCom, also known as Tropical ... Read more
-
Cybersecurity News
CVE-2024-8114: GitLab Vulnerability Allows Privilege Escalation
GitLab has released critical security updates to address multiple vulnerabilities affecting its Community Edition (CE) and Enterprise Edition (EE) products. Versions 17.6.1, 17.5.3, and 17.4.5 contain ... Read more
-
Cybersecurity News
VMware Aria Operations Hit By Multiple Vulnerabilities
VMware has recently issued patches to address multiple vulnerabilities affecting its Aria Operations product. The vulnerabilities, responsibly reported to VMware, range in severity from Important to M ... Read more
-
Cybersecurity News
CVE-2024-21887 and More: How Earth Estries APT Group Exploits VPNs & Servers
Campaign Alpha overview | Image: Trend MicroIn a detailed report from Trend Micro, the Chinese advanced persistent threat (APT) group Earth Estries, also known by aliases like Salt Typhoon and GhostEm ... Read more
-
Cybersecurity News
CVE-2024-41779 (CVSS 9.8): IBM Rhapsody Model Manager Vulnerability Puts Systems at Risk
IBM has recently released a security bulletin addressing a critical vulnerability in IBM Engineering Systems Design Rhapsody – Model Manager (RMM). The vulnerability, identified as CVE-2024-41779 with ... Read more
-
BleepingComputer
New NachoVPN attack uses rogue VPN servers to install malicious updates
A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. AmberWolf security researchers ... Read more