Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Exploitable PoC Released for CVE-2024-38077: 0-Click RCE Threatens All Windows Servers
Security researchers Ver, Lewis Lee, and Zhiniang Peng have detailed and published a proof-of-concept (PoC) exploit code for a critical vulnerability, designated as CVE-2024-38077 (CVSS 9.8) and refer ... Read more
-
Cybersecurity News
CVE-2024-5290: Wi-Fi Flaw Leaves Millions Vulnerable to Root Takeover
Security researchers have uncovered a critical vulnerability in wpa_supplicant, a ubiquitous software component responsible for managing Wi-Fi connections on countless devices. The flaw, dubbed CVE-20 ... Read more
-
Cybersecurity News
MongoDB Patches High-Severity Windows Vulnerability (CVE-2024-7553) in Multiple Products
MongoDB, the popular NoSQL database provider, announced the patching of a high-severity vulnerability affecting multiple versions of its server and driver products. The flaw, tracked as CVE-2024-7553 ... Read more
-
Cybersecurity News
1Password Updates macOS App to Fix Vulnerabilities CVE-2024-42218 and CVE-2024-42219
1Password, a leading password manager, has released security updates to address two vulnerabilities (CVE-2024-42218 and CVE-2024-42219) discovered in its macOS app. These vulnerabilities could potenti ... Read more
-
Cybersecurity News
CVE-2024-42458 (CVSS 9.8) – New Security Vulnerability in Neat VNC: Urgent Patch Released
Neat VNC, a popular open-source VNC server library used for remote desktop access and screen sharing, has been found vulnerable to a security vulnerability (CVE-2024-42458, CVSS 9.8). This flaw could ... Read more
-
The Register
Hello? Are you talking on a Cisco SPA300 or SPA500 IP phone? Now's the time to junk 'em
A boffin from British defence contractor BAE has found three critical flaws in Cisco's Small Business SPA300 and SPA500 IP phones – and another couple of nasties – none of which will be fixed or mitig ... Read more
-
The Cyber Express
SEC Won’t Bring Charges Against Progress Software Over MOVEit Supply Chain Attack
In a surprising move, the U.S. Securities and Exchange Commission (SEC) has decided not to bring charges against Progress Software over last year’s MOVEit software supply chain attack that exposed the ... Read more
-
The Cyber Express
Downgrade Attacks Could Affect Fully Updated Windows Systems With Previously Patched Vulnerabilities
A security researcher has uncovered a new threat within the Windows operating system that challenges the very notion of a fully-patched system. The new threat demonstrated by the researcher-built tool ... Read more
-
BleepingComputer
Cisco warns of critical RCE zero-days in end of life IP phones
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones. The vendor has not m ... Read more
-
BleepingComputer
CISA warns about actively exploited Apache OFBiz RCE flaw
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. Apache OFBiz (Open For Business) is a ... Read more