Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
New NachoVPN attack uses rogue VPN servers to install malicious updates
A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. AmberWolf security researchers ... Read more
-
Dark Reading
'RomCom' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
Source: Collection Chrisophel via Alamy Stock PhotoFor a brief window of time in October, Russian hackers had the ability to launch arbitrary code against anyone in the world using Firefox or Tor.On O ... Read more
-
Dark Reading
Salt Typhoon Builds Out Malware Arsenal With GhostSpider
Source: 3D generator via Alamy Stock PhotoThe Chinese threat actor known as Salt Typhoon has been spying on some high-value government and telecommunications organizations for several years now, recen ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
‘Matrix’ Hackers Deploy Massive New IoT Botnet for DDoS Attacks
Aqua Nautilus researchers have discovered a campaign powering a series of large-scale DDoS attacks launched by Matrix, which could be a Russian threat actor. Learn about the vulnerabilities exploited, ... Read more
-
Help Net Security
Researchers reveal exploitable flaws in corporate VPN clients
Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be exploited to remotely execute ... Read more
-
BleepingComputer
Hackers exploit critical bug in Array Networks SSL VPN products
America's cyber defense agency has received evidence of hackers actively exploiting a remote code execution vulnerability in SSL VPN products Array Networks AG and vxAG ArrayOS. The security issue is ... Read more
-
The Hacker News
Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks
Vulnerability / Website Security Two critical security flaws impacting the Spam protection, Anti-Spam, and FireWall plugin WordPress could allow an unauthenticated attacker to install and enable malic ... Read more
-
security.nl
Aanvallers combineerden Firefox- en Windows-lek voor verspreiding backdoor
Aanvallers hebben een kwetsbaarheid in Mozilla Firefox en Windows gecombineerd voor het automatisch infecteren van gebruikers met een backdoor, zo laat antivirusbedrijf ESET weten. Op het moment van d ... Read more
-
BleepingComputer
Firefox and Windows zero-days exploited by Russian RomCom hackers
Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. The first flaw (CVE-2024-9680) is ... Read more
-
The Cyber Express
CISA Adds Array Networks’ CVE-2023-28461 to KEV List: Critical Patching Urged
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a critical security flaw, CVE-2023-28461, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability i ... Read more