CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CyberVolk: From Hacktivism to Ransomware – Researcher Exposes New Threat
CyberVolk dialog window | Image: Rapid7Cybersecurity researchers at Rapid7 Labs have released a detailed report on CyberVolk, a politically motivated hacktivist group that transitioned into using rans ... Read more
-
Cybersecurity News
Researchers Detail Ruby-SAML/GitLab Flaw (CVE-2024-45409) Allows SAML Authentication Bypass
In a recent analysis conducted by Harsh Jaiswal and Rahul Maini at ProjectDiscovery, a critical vulnerability, CVE-2024-45409, was uncovered, exposing a flaw in Ruby-SAML and OmniAuth-SAML libraries, ... Read more
-
InfoSec Write-ups
High-Risk Vulnerabilities in Apache HTTP Server’s mod_proxy Encoding Problem Allow Authentication…
Apache HTTP Server — ACL BypassCVE-2024–38473 Overview:Description:The vulnerability is due to an encoding problem in mod_proxy, which allows request URLs with incorrect encoding to be sent to backend ... Read more
-
Critical Vulnerabilities in porte_plume plugin to Remote Exploits -$$$$ Bounty -CVE-2024–7954
Description:The porte_plume plugin, utilized by SPIP versions prior to 4.30-alpha2, 4.2.13, and 4.1.16, is susceptible to a critical arbitrary code execution (RCE) vulnerability. This flaw allows a re ... Read more
-
HTB | Editorial — SSRF and CVE-2022–24439
This is a Linux box. You can find it here.Skill LearnedSSRFgitCVE-2022–24439NMAPIP:10.10.11.11nmap -sT -p- --min-rate 10000 10.10.11.20nmap -sC -sV -p 22,80 10.10.11.20nmapPort 80let’s visit port 80po ... Read more
-
TheCyberThrone
Apple fixes critical bugs in iOS 18
If you have any Apple devices running iOS 18, then make sure they have the latest patches installed.Apple has released an urgent iOS 18.0.1 and iPadOS 18.0.1 updates to fix two vulnerabilities, respec ... Read more
-
Help Net Security
Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started the ... Read more
-
TheCyberThrone
PoC for Microsoft Office Zeroday CVE-2024-38200 released
Security researcher Metin Yunus Kandemir have released the technical details and a PoC exploit that reveals a critical information disclosure flaw in Microsoft Office. This vulnerability, which affect ... Read more
-
The Hacker News
Apple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password Vulnerability
Data Privacy / Mobile Security Apple has released iOS and iPadOS updates to address two security issues, one of which could have allowed a user's passwords to be read out aloud by its VoiceOver assist ... Read more
-
TheCyberThrone
CISA adds Zimbra Vulnerability CVE-2024-45519 to its KEV Catalog
The US CISA has added Synacor Zimbra vulnerability to its Known Exploited Vulnerabilities Catalog based on the evidence of active exploitation.The vulnerability tracked as CVE-2024-45519 with a CVSS s ... Read more