Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
CISA reveals new malware variant used on compromised Ivanti Connect Secure devices
CISA has released indicators of compromise, detection signatures, and updated mitigation advice for rooting out a newly identified malware variant used by the attackers who breached Ivanti Connect Sec ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
The Hacker News
Hackers Exploit WordPress mu-Plugins to Inject Spam and Hijack Site Images
Data Theft / Website Security Threat actors are using the "mu-plugins" directory in WordPress sites to conceal malicious code with the goal of maintaining persistent remote access and redirecting site ... Read more
-
The Hacker News
⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More
Threat Intelligence / Cybersecurity Every week, someone somewhere slips up—and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the p ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
Cyber Security News
Critical PHP Vulnerability Let Hackers Bypass the Validation To Load Malicious Content
A critical vulnerability in PHP’s libxml streams has been identified, potentially impacting web applications that rely on the DOM or SimpleXML extensions for HTTP requests. The flaw, tracked as CVE-20 ... Read more
-
Daily CyberSecurity
Canon Fixes Critical Printer Driver Flaw: CVE-2025-1268 Alert
Canon has issued a security notice regarding a critical vulnerability found in certain printer drivers for its production printers, office/small office multifunction printers, and laser printers. The ... Read more
-
Daily CyberSecurity
CrushFTP Hacked: Exploit CVE-2025-2825 with PoC and Nuclei Template
ProjectDiscovery has published a technical breakdown of CVE-2025-2825, a critical authentication bypass flaw in CrushFTP—a widely used enterprise-grade file transfer server. The vulnerability, affecti ... Read more
-
Daily CyberSecurity
CVE-2025-22398: Dell Unity Hit by 9.8 CVSS Root-Level Command Injection Flaw
Dell has released a security update for Unity OS version 5.4 and earlier, addressing a set of critical vulnerabilities that expose the popular enterprise storage systems—Unity, UnityVSA, and Unity XT— ... Read more
-
Daily CyberSecurity
Mitel Addresses High Severity XSS Vulnerability in MiContact Center Business
Mitel has issued a security advisory regarding a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2025-23092 (CVSS 7.1), in the Legacy Chat component of its MiContact Center Business ... Read more