CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
InfoSec Write-ups
How I Discovered a Critical Vulnerability in an Internet Service Provider’s Software
IntroductionAs a Security Researcher, I focus on finding and responsibly reporting security vulnerabilities to enhance the safety of systems worldwide. Not long ago, I identified a critical SQL inject ...
-
Help Net Security
Week in review: AWS S3 data encrypted without ransomware, data of 15k Fortinet firewalls leaked
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Attackers are encrypting AWS S3 data without using ransomware A ransomware gang dubbed Codefinger is e ...
-
TheCyberThrone
CVE-2025-0107 PoC Exploit Code Released for PaloAlto Flaw
Background:CVE-2025-0107 is a critical OS command injection vulnerability discovered in Palo Alto Networks’ Expedition Tool, version 1.2.101 and earlier. Recently, security researchers released a Proo ...
-
Cybersecurity News
CVE-2024-12297 (CVSS 9.2): Critical Authorization Vulnerability in Moxa EDS-508A Series
Moxa has issued a security advisory detailing CVE-2024-12297 (CVSS 9.2), a critical vulnerability in its EDS-508A Series Ethernet switches. This flaw, which affects devices running firmware version 3. ...
-
Cybersecurity News
CL-UNK-0979 Exploit Zero-Day Flaw in Ivanti Connect Secure to Gain Access to Networks
Palo Alto Networks has issued a detailed threat briefing on two critical vulnerabilities in Ivanti products—CVE-2025-0282 and CVE-2025-0283. The vulnerabilities affect Ivanti’s Connect Secure, Policy ...
-
TheCyberThrone
CVE-2024-7344 impacts UEFI based systems
CVE-2024-7344 is a critical vulnerability affecting UEFI-based systems. It was discovered by researchers at ESET and involves a bypass of the UEFI Secure Boot mechanism, allowing untrusted code to run ...
-
Silver Platter Tryhackme Walkthrough
Can you breach the server?room link : https://tryhackme.com/r/room/silverplatterAfter spending considerable time attempting to gain an initial foothold, I realized that the solution was in plain sight ...
-
Whiterose TryHackMe Motion Graphics Writeup | Easy Room | Detailed THM Walkthrough
Full writeup for the TryHackMe room : Whiterose ( Easy Room )Kudos to the Creator(s) of this room →ROOM DIFFICULTYEasy → Difficulty [ Name : Whiterose , Room loosely Based on the TV Show → Mr. Robot ] ...
-
CVE-2024-50379: Apache Tomcat Race Condition Vulnerability Leads to Remote Code Execution
CVE-2024-50379: Apache Tomcat Race Condition Vulnerability Leads to Remote Code Execution[Write-up] CVE-2024-50379: Apache Tomcat Race Condition POC - RCE Tested on Local Lab.IntroductionApache Tomcat ...
-
The Hacker News
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Sal ...