Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-10924 (CVSS 9.8): Authentication Bypass in Really Simple Security Plugin Affects 4 Million Sites
The Wordfence Threat Intelligence team identified a severe authentication bypass vulnerability (CVE-2024-10924) in the Really Simple Security plugin, including its Pro and Pro Multisite versions. This ... Read more
-
Cybersecurity News
CISA Flags Critical Exploits in Palo Alto Networks’ Expedition with Public PoC Code
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about two critical vulnerabilities in Palo Alto Networks Expedition that malicious actors are actively exploiti ... Read more
-
Cybersecurity News
macOS Security Compromised: Novel Exploit Bypasses Sandbox Protections
A newly discovered vulnerability in macOS could allow attackers to bypass critical security mechanisms and gain unauthorized access to sensitive files. This revelation comes from independent security ... Read more
-
Cybersecurity News
LodaRAT Strikes Again: New Campaign Targets Global Victims with Updated Capabilities
Researchers at Rapid7 have uncovered a fresh campaign using LodaRAT, a well-known remote access tool (RAT) that has been active since 2016. Initially developed for information gathering, LodaRAT has b ... Read more
-
The Register
Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost
A now-patched, high-severity bug in Fortinet's FortiClient VPN application potentially allows a low-privilege rogue user or malware on a vulnerable Windows system to gain higher privileges from anothe ... Read more
-
BleepingComputer
CISA warns of more Palo Alto Networks bugs exploited in attacks
CISA warned today that two more critical security vulnerabilities in Palo Alto Networks' Expedition migration tool are now actively exploited in the wild. Attackers can use the two unauthenticated com ... Read more
-
Dark Reading
Varonis Warns of Bug Discovered in PostgreSQL PL/Perl
Source: tofino via Alamy Stock PhotoResearchers at Varonis discovered a vulnerability within Postgres language extension PL/Perl, allowing a user to set arbitrary environment variables in PostgreSQL s ... Read more
-
InfoSec Write-ups
The Story of Finding and Mitigating CVE-2021–42063 Vulnerability in Lenovo’s SAP Knowledge…
In the world of cybersecurity, vulnerabilities can pose significant threats to organizations and their sensitive data. A recent discovery involving Lenovo’s SAP Knowledge Warehouse, specifically versi ... Read more
-
security.nl
WordPress.org forceert update wegens kritiek lek in Really Simple Security
Een kritieke kwetsbaarheid in Really Simple Security, een plug-in voor WordPress, maakt het mogelijk om websites op afstand over te nemen. Vanwege de impact heeft WordPress.org besloten om de update, ... Read more
-
cert.pl
Vulnerability in TCL Camera software
CVE ID CVE-2024-11136 Publication date 14 November 2024 Vendor TCL Product Camera Vulnerable versions v6.00.04.0067.3.0 Vulnerability type (CWE) Path Traversal (CWE-35) Report source Report to CERT Po ... Read more