Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
SysAid ITSM Platform Vulnerabilities Allows Pre-authenticated Remote Command Execution
A critical vulnerability chain in SysAid’s On-Premise IT Service Management (ITSM) platform that allows attackers to achieve pre-authenticated Remote Command Execution (RCE). The findings detail how m ... Read more
-
BleepingComputer
Play ransomware exploited Windows logging flaw in zero-day attacks
The Play ransomware gang has exploited a high-severity Windows Common Log File System flaw in zero-day attacks to gain SYSTEM privileges and deploy malware on compromised systems. The vulnerability, t ... Read more
-
BleepingComputer
NSO Group fined $167M for spyware attacks on 1,400 WhatsApp users
A U.S. federal jury has ordered Israeli spyware vendor NSO Group to pay WhatsApp $167,254,000 in punitive damages and $444,719 in compensatory damages for a 2019 campaign that targeted 1,400 users of ... Read more
-
The Hacker News
OttoKit WordPress Plugin with 100K+ Installs Hit by Exploits Targeting Multiple Flaws
Vulnerability / Web Security A second security flaw impacting the OttoKit (formerly SureTriggers) WordPress plugin has come under active exploitation in the wild. The vulnerability, tracked as CVE-202 ... Read more
-
Help Net Security
PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service mana ... Read more
-
security.nl
Symantec: Windows-lek voor uitkomen patch gebruikt bij malware-aanval
Een kwetsbaarheid in Windows waarvoor op 8 april een beveiligingsupdate verscheen is al voor het uitkomen van de patch gebruikt voor het verspreiden van malware, zo stelt Symantec. Eerder maakte Micro ... Read more
-
Kaspersky
Safeguarding your browsing history | Kaspersky official blog
In April, the release of version 136 of Google Chrome finally addressed a privacy issue for the browser that’s been widely known about since 2002 (which issue, btw, is also present in all other major ... Read more
-
Cyber Security News
Critical AWS Amplify Studio Vulnerability Let Attackers Execute Arbitrary Code
A critical security vulnerability in AWS Amplify Studio has been identified, potentially allowing authenticated users to execute arbitrary JavaScript code during component rendering and build processe ... Read more
-
Cyber Security News
Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware
Threat actors linked to the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows prior to its patching on April 8, 2025. The vulnerability, tracked as CVE-2025-29824, affe ... Read more
-
The Hacker News
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Vulnerability / IT Service Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated ... Read more