Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-47374: LiteSpeed Cache Plugin Flaw Threatens Millions of WordPress Sites
A significant security vulnerability has been discovered in the LiteSpeed Cache plugin for WordPress, a widely used tool with over 6 million active installations. The flaw is an unauthenticated stored ... Read more
-
Cybersecurity News
DrayTek Patched Multi Flaws in Routers, Including CVE-2024-41592 (CVSS 10.0)
Potential attack scenarios | Image: ForescoutExperts from Forescout have uncovered 14 vulnerabilities in DrayTek routers, potentially allowing malicious actors to gain full access to these devices and ... Read more
-
Dark Reading
Near-'perfctl' Fileless Malware Targets Millions of Linux Servers
Source: J Poulssen via Alamy Stock PhotoA multipurpose and mysterious malware dropper has been terrorizing Linux servers worldwide for years, infecting untold thousands of victims with cryptomining an ... Read more
-
Ars Technica
Attackers exploit critical vulnerability recently patched in Zimbra servers
Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more
-
Ars Technica
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimbra in an attempt to remotely execute malicious commands that install a backdoor, researchers warn. The vulnerabil ... Read more
-
The Register
700K+ DrayTek routers are sitting ducks on the internet, open to remote hijacking
Fourteen newly found bugs in DrayTek Vigor routers — including one critical remote-code-execution flaw that received a perfect 10 out of 10 CVSS severity rating — could be abused by crooks looking to ... Read more
-
Dark Reading
Unix Printing Vulnerabilities Enable Easy DDoS Attacks
Source: sofiacorte via ShutterstockIt turns out that remote code execution is not the only way attackers can leverage a critical set of four vulnerabilities that a researcher recently disclosed in the ... Read more
-
The Register
Two simple give-me-control security bugs found in Optigo network switches used in critical manufacturing
Two trivial but critical security holes have been found in Optigo's Spectra Aggregation Switch, and so far no patch is available. The vulnerabilities, both with CVSS v4 severity scores of 9.3, can be ... Read more
-
BleepingComputer
Critical Ivanti RCE flaw with public exploit now used in attacks
CISA warned today that a critical Ivanti vulnerability that can let threat actors gain remote code execution on vulnerable Endpoint Manager (EPM) appliances is now actively exploited in attacks. Ivant ... Read more
-
Palo Alto Networks Blog
The Top 5 Largest Scale Intrusions in 2023
What Powered Them? Large-scale cyber intrusions increased during 2023, exploiting vulnerabilities in web applications and internet-facing software. Attackers favored this attack vector even more than ... Read more