Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
- Cybersecurity News
WhatsUp Gold Users Beware: Critical Authentication Bypass Flaw Exposed – CVE-2024-7763 (CVSS 9.8)
Progress Software has disclosed a severe new vulnerability in its popular network monitoring solution, WhatsUp Gold, that exposes organizations to potential cyberattacks by allowing unauthorized acces ... Read more
- Cybersecurity News
Healthcare Under Fire: HeptaX Campaign Steals and Manipulates Sensitive Data
Infection chain | Image: CRILCyble Research and Intelligence Labs (CRIL) has recently uncovered a covert and sophisticated cyberespionage campaign dubbed “HeptaX,” which exploits Remote Desktop Protoc ... Read more
- TheCyberThrone
Siemens fixes Critical Vulnerability CVE-2024-47901
Siemens has released patches for multiple vulnerabilities in its InterMesh wireless alarm reporting system that could allow an unauthenticated, remote attacker to execute arbitrary code with root priv ... Read more
- InfoSec Write-ups
CVE-2024–25600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTY
Overview:The CVE-2024–25600 vulnerability is a high-severity flaw in the Bricks Builder plugin for WordPress, disclosed on February 26, 2024. It allows unauthenticated remote code execution (RCE), per ... Read more
- The Register
Senator accuses sloppy domain registrars of aiding Russian disinfo campaigns
in brief Senate intelligence committee chair Mark Warner (D-VA) is demanding to know why, in the wake of the bust-up of a massive online Russian disinformation operation, the names of six US-based dom ... Read more
- BleepingComputer
Fog ransomware targets SonicWall VPNs to breach corporate networks
Fog and Akira ransomware operators are increasingly breaching corporate networks through SonicWall VPN accounts, with the threat actors believed to be exploiting CVE-2024-40766, a critical SSL VPN acc ... Read more
- Help Net Security
Week in review: Fortinet patches critical FortiManager 0-day, VMware fixes vCenter Server RCE
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Fortinet releases patches for publicly undisclosed critical FortiManager vulnerability In the last cou ... Read more
- Cybersecurity News
CVE-2024-9488 (CVSS 9.8): Authentication Bypass Flaw in wpDiscuz Plugin, Over 80,000 Sites at Risk
A critical authentication bypass vulnerability has been discovered in wpDiscuz, a widely used WordPress plugin with over 80,000 active installations. This vulnerability, tracked as CVE-2024-9488 and a ... Read more
- TheCyberThrone
Windows Downdate attack lets downgrade OS to Vulnerable version
A researcher from SafeBreach Labs uncovered a new attack technique that could compromise the security of fully patched Windows 11 systems.The attack was reported in August 2024 at Black Hat USA 2024 a ... Read more
- BleepingComputer
New Cisco ASA and FTD features block VPN brute-force password attacks
Cisco has added new security features that significantly mitigate brute-force and password spray attacks on Cisco ASA and Firepower Threat Defense (FTD), helping protect the network from breaches and ... Read more