Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-49112 (CVSS 9.8): Critical Windows LDAP Flaw Puts Networks at Risk of Remote Takeover
Microsoft has disclosed a critical Remote Code Execution (RCE) vulnerability in its Lightweight Directory Access Protocol (LDAP) service, tracked as CVE-2024-49112. Released as part of the company’s D ... Read more
-
Cybersecurity News
Hackers exploit critical Apache Struts RCE flaw (CVE-2024-53677) after PoC exploit release
Threat actors have begun exploiting a critical vulnerability in the Apache Struts framework, CVE-2024-53677, just days after a proof-of-concept (PoC) exploit was published online. Rated 9.5 on the CVS ... Read more
-
Cybersecurity News
CVE-2024-55661: RCE Vulnerability Discovered in Laravel Pulse Monitoring Tool
A serious security flaw has been discovered in Laravel Pulse, a popular real-time application performance monitoring and dashboard tool for Laravel applications. Tracked as CVE-2024-55661, this vulner ... Read more
-
Cybersecurity News
Critical Windows and Adobe ColdFusion Vulnerabilities Actively Exploited in the Wild, PoC Exploit Published
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two critical vulnerabilities being actively exploited by malicious actors. These flaws, impacting bo ... Read more
-
Cybersecurity News
CVE-2024-55875 (CVSS 9.8): Critical XXE Vulnerability Found in http4k Toolkit
A critical XML External Entity (XXE) Injection vulnerability, identified as CVE-2024-55875, has been discovered in the http4k toolkit, a lightweight HTTP framework written in Kotlin. With a CVSS score ... Read more
-
Cybersecurity News
Voice Phishing on Microsoft Teams Facilitates DarkGate Malware Attack
Trend Micro has revealed a new vector for cyberattacks: voice phishing (vishing) conducted via Microsoft Teams. This tactic was recently employed to distribute DarkGate malware, a sophisticated threat ... Read more
-
The Register
Ransomware scum blow holes in Cleo software patches, Cl0p (sort of) claims responsibility
Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-li ... Read more
-
BleepingComputer
FBI spots HiatusRAT malware attacks targeting web cameras, DVRs
The FBI warned today that new HiatusRAT malware attacks are now scanning for and infecting vulnerable web cameras and DVRs that are exposed online. As a private industry notification (PIN) published o ... Read more
-
BleepingComputer
Windows kernel bug now exploited in attacks to gain SYSTEM privileges
CISA has warned U.S. federal agencies to secure their systems against ongoing attacks targeting a high-severity Windows kernel vulnerability. Tracked as CVE-2024-35250, this security flaw is due to an ... Read more
-
Hackread - Latest Cybersecurity, Tech, Crypto & Hacking News
Cl0p Ransomware Exploits Cleo Vulnerability, Threatens Data Leaks
SUMMARY Cleo Vulnerability Exploited: The Cl0p ransomware group claims to have exploited a critical vulnerability in Cleo’s managed file transfer software, targeting businesses globally. Data Leak Thr ... Read more