Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
ShadowLogic: The Codeless Backdoor Threatening AI Supply Chains
In a major development in AI cybersecurity, the HiddenLayer Security AI (SAI) team has uncovered a groundbreaking method for embedding backdoors in machine learning models, dubbed ShadowLogic. This ne ... Read more
-
Cybersecurity News
Ragic Enterprise Cloud Database Patches Multi Flaws, Including CVE-2024-9984 (CVSS 9.8)
Taiwan’s Computer Emergency Response Team (TWCERT/CC) has issued a warning regarding multiple vulnerabilities discovered in the Ragic Enterprise Cloud Database, a popular no-code platform for building ... Read more
-
TheCyberThrone
Kubernetes fixes Critical Vulnerability CVE-2024-9486
The Kubernetes Security Response Committee has disclosed two security vulnerabilities in the Kubernetes Image Builder that could allow attackers to gain root access to virtual machines. The vulnerabil ... Read more
-
Cybersecurity News
Matrix Discloses High-Severity Vulnerabilities in Encryption Key Sharing
The Matrix.org Security Team has recently disclosed two high-severity vulnerabilities impacting the matrix-js-sdk and matrix-react-sdk. These vulnerabilities, related to MSC3061 (a specification for s ... Read more
-
Cybersecurity News
Apache CloudStack Patches Critical Security Flaws in Latest Release
The Apache CloudStack project has announced the release of LTS security releases 4.18.2.4 and 4.19.1.2 to address four security vulnerabilities, including two rated as “Important.” CloudStack is a pop ... Read more
-
BleepingComputer
Iranian hackers act as brokers selling critical infrastructure access
Iranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums to enable cyberattacks from other threat actors. Go ... Read more
-
BleepingComputer
Google: 70% of exploited flaws disclosed in 2023 were zero-days
Google Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. Specifically, of the 138 ... Read more
-
The Register
Critical default credential bug in Kubernetes Image Builder allows SSH root access
A critical bug in Kubernetes Image Builder could allow unauthorized SSH access to virtual machines (VMs) thanks to default credentials being enabled during the image build process. Image Builder is a ... Read more
-
The Register
SolarWinds critical hardcoded credential bug under active exploit
A critical, hardcoded login credential in SolarWinds' Web Help Desk line has been exploited in the wild by criminals, according to the US Cybersecurity and Infrastructure Security Agency, which has ad ... Read more
-
BleepingComputer
SolarWinds Web Help Desk flaw is now exploited in attacks
CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late ... Read more