Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
Critical Apache OfBiz Vulnerability Allows Preauth RCE
Brian Jackson via Alamy Stock PhotoA critical pre-authentication remote code execution (RCE) security vulnerability in Apache OFBiz could open organizations to data theft, lateral movement by threat a ... Read more
-
TheCyberThrone
Apache OFBiz fixes CVE-2024-38856
Apache OFBiz has released an urgent security advisory due to the potential for unauthorized code execution.The vulnerability tracked as CVE-2024-38856 stems into an incorrect authorization handling wi ... Read more
-
Help Net Security
Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)
CVE-2024-38856, an incorrect authorization vulnerability affecting all but the latest version of Apache OFBiz, may be exploited by remote, unauthenticated attackers to execute arbitrary code on vulner ... Read more
-
Dark Reading
Russia's 'Fighting Ursa' APT Uses Car Ads to Install HeadLace Malware
Source: Uwe Deffner via Alamy Stock PhotoA prolific Russian threat actor known as Fighting Ursa is targeting diplomats through a used-car sale email scheme that then distributes HeadLace backdoor malw ... Read more
-
Cyber Security News
APT41 Hackers Attacking Research Institute with ShadowPad and Cobalt Strike
Cisco Talos has unearthed a sophisticated cyber-espionage campaign targeting a Taiwanese government-affiliated research institute. The attack, attributed to the notorious Chinese hacking group APT41, ... Read more
-
The Cyber Express
Immediate Action Required: Critical Apache InLong Vulnerability Exploitable
The Apache InLong project, a widely used data integration framework designed for managing large-scale data streams, has issued an urgent security advisory regarding a critical vulnerability in its Tub ... Read more
-
Cyber Security News
Rockwell Automation Devices Flaw Let Hackers Gain Unauthorized Access
A critical security vulnerability in Rockwell Automation’s ControlLogix and GuardLogix controllers has been discovered. This vulnerability could potentially allow attackers to bypass security measures ... Read more
-
Cyber Security News
Leaked Wallpaper Exploit Let Attackers Escalate Privilege on Windows Systems
A critical security flaw in Windows’ wallpaper handling mechanism has been uncovered. It allows attackers to gain system-level privileges on affected machines. Security researcher Andrea Pierini discl ... Read more
-
The Hacker News
Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access
Network Security / Vulnerability A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial ... Read more
-
The Register
Google gamed into advertising a malicious version of Authenticator
Infosec in brief Scammers have been using Google's own ad system to fool people into downloading a borked copy of the Chocolate Factory's Authenticator software. A team at security shop Malwarebytes s ... Read more