Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
huntress.com
Bitter Pill: Pharmaceutical Vendor Linked to Pharmacy and Health Clinic Cyberattack | Huntress
In a concerning development within the healthcare sector, Huntress has identified a series of unauthorized access that signifies internal reconnaissance and preparation for additional threat actor act ... Read more
-
huntress.com
Confluence to Cerber: Exploitation of CVE-2023-22518
On October 31, 2023, Atlassian published patches and an advisory for CVE-2023-22518, an improper authorization vulnerability affecting Confluence Data Center and Confluence Server. Later, on November ... Read more
-
cert.pl
Vulnerability in Apereo CAS software
CVE ID CVE-2023-4612 Publication date 03 November 2023 Vendor Apereo Foundation Product CAS Vulnerable versions All through 7.0.0-RC7 Vulnerability type (CWE) Improper Authentication (CWE-287) Report ... Read more
-
huntress.com
Critical Vulnerability: Exploitation of Apache ActiveMQ CVE-2023-46604 | Huntress
A partner recently deployed Huntress agents on October 30, 2023, after experiencing a “HelloKitty” ransomware attack on October 27. This ransomware attack followed closely with what was described by R ... Read more
-
huntress.com
Critical Vulnerability: Exploitation of Apache ActiveMQ CVE-2023-46604 | Huntress
A partner recently deployed Huntress agents on October 30, 2023, after experiencing a “HelloKitty” ransomware attack on October 27. This ransomware attack followed closely with what was described by R ... Read more
-
0patch.com
Micropatches Released For Microsoft Office Security Feature Bypass (CVE-2023-33150) - Plus a Small 0day
In July 2023, Microsoft released a patch for CVE-2023-33150, a vulnerability in Microsoft Office that allowed an attacker to create a malicious Word document which would not open in Protected View eve ... Read more
-
Google
Government-backed actors exploiting WinRAR vulnerability
K Kate Morgan Threat Analysis Group In recent weeks, Google’s Threat Analysis Group’s (TAG) has observed multiple government-backed hacking groups exploiting the known vulnerability, CVE-2023-38831, i ... Read more
-
cert.pl
Vulnerability in SmodBIP software
CVE ID CVE-2023-4837 Publication date 10 October 2023 Vendor Jan Syski Product SmodBIP Vulnerable versions All Vulnerability type (CWE) Cross-Site Request Forgery (CWE-352) Report source Own research ... Read more
-
0patch.com
Micropatches Released For Two Windows CNG Key Isolation Service Vulnerabilities (CVE-2023-28229, CVE-2023-36906)
Last month, security researcher @k0shl of Cyber Kunlun published a proof-of-concept for CVE-2023-28229, an elevation of privilege vulnerability in CNG Key Isolation Service. The same POC also demonstr ... Read more
-
cert.pl
Vulnerability in UptimeDC software
CVE ID CVE-2023-4997 Publication date 04 October 2023 Vendor ProIntegra S.A Product UptimeDC Vulnerable versions All below 2.0.0.33940 Vulnerability type (CWE) Missing Authorization (CWE-862) Report s ... Read more