Cyber Newsroom Feed

The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.

  • cert.pl
Vulnerabilities in Phoniebox open-source project

CVE ID CVE-2024-3798 Publication date 10 July 2024 Vendor Phoniebox Product Phoniebox Vulnerable versions All through 2.7 Vulnerability type (CWE) Cross-Site Request Forgery (CSRF) (CWE-352) Report so ... Read more

Published Date: Jul 10, 2024 (2 months ago)
  • krebsonsecurity.com
Microsoft Patch Tuesday, July 2024 Edition

Microsoft Corp. today issued software updates to plug at least 139 security holes in various flavors of Windows and other Microsoft products. Redmond says attackers are already exploiting at least two ... Read more

Published Date: Jul 09, 2024 (2 months ago)
  • huntress.com
SlashAndGrab: The ConnectWise ScreenConnect Vulnerability Explained | Huntress

The “exploit” is trivial and embarrassingly easy.  These are words you never want to hear when talking about vulnerabilities in a widely used product, but that’s exactly how John Hammond, Principal Se ... Read more

Published Date: Jul 09, 2024 (2 months ago)
  • Zero Day Initiative
The July 2024 Security Update Review

None ... Read more

Published Date: Jul 09, 2024 (2 months ago)
  • cert.pl
SQL Injection vulnerability in MegaBIP software

CVE ID CVE-2024-6527 Publication date 09 July 2024 Vendor Jan Syski Product MegaBIP Vulnerable versions All through 5.13 Vulnerability type (CWE) Improper Neutralization of Special Elements used in an ... Read more

Published Date: Jul 09, 2024 (2 months ago)
  • The Cloudflare Blog
RADIUS/UDP vulnerable to improved MD5 collision attack

2024-07-0917 min readThe MD5 cryptographic hash function was first broken in 2004, when researchers demonstrated the first MD5 collision, namely two different messages X1 and X2 where MD5(X1) = MD5 (X ... Read more

Published Date: Jul 09, 2024 (2 months ago)
  • cert.pl
Vulnerabilities in Longse Technology devices

CVE ID CVE-2024-5631 Publication date 09 July 2024 Vendor Longse Technology Product NVR3608PGE2W Vulnerable versions All Vulnerability type (CWE) Cleartext Transmission of Sensitive Information (CWE-3 ... Read more

Published Date: Jul 09, 2024 (2 months ago)
  • InfoSec Write-ups
RegreSSHion (CVE-2024–6387): Dive into the Latest OpenSSH Server Threat

Explore CVE-2024–6387, a critical cybersecurity vulnerability. Learn its impact, how to detect it, and the best practices to safeguard your systems from potential exploits.Free articleCVE-2024–6387, a ... Read more

Published Date: Jul 08, 2024 (2 months ago)
  • InfoSec Write-ups
Art of finding zero day vulnerabilities using Open Source AI

I am Harish SG, a security researcher who studies Masters in Cybersecurity at UT Dallas and AI security engineer at Cisco,previously hunted on the Microsoft Bug Bounty Program and Google VRPI am shari ... Read more

Published Date: Jul 08, 2024 (2 months ago)
  • huntress.com
Critical Vulnerability: WebP Heap Buffer Overflow (CVE-2023-4863) | Huntress

The Huntress team is currently investigating CVE-2023-4863, a heap buffer overflow in the WebP image encoding/decoding (codec) library (libwebp). Threat actors are exploiting this critical vulnerabili ... Read more

Published Date: Jul 08, 2024 (2 months ago)

Filters

Showing 10 of 966 Results