Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware
A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israel ... Read more
-
huntress.com
Rapid Response: Samsung MagicINFO 9 Server Flaw
TL;DR: While reports have indicated the latest version of Samsung MagicINFO 9 Server fixes a high-severity flaw (CVE-2024-7399), Huntress has independently verified that the latest version (21.1050.0) ... Read more
-
TheCyberThrone
CISA Adds CVE-2025-27363 to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-27363, a critical out-of-bounds write vulnerability in FreeType, to its Known Exploited Vulnerabilities (KEV) Catalog due ... Read more
-
Daily CyberSecurity
CVE-2025-25014 (CVSS 9.1): Prototype Pollution in Kibana Opens Door to Code Execution
Elastic has issued a critical security advisory for Kibana, warning users of a vulnerability tracked as CVE-2025-25014. Scoring a CVSS of 9.1, this flaw stems from a prototype pollution vulnerability ... Read more
-
Daily CyberSecurity
Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120
The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of two command injection vulnerabilities — CVE-2024-6047 and CVE-2024-11120 — in discontinued GeoVision IoT ... Read more
-
Daily CyberSecurity
CVE-2025-46728: cpp-httplib Vulnerability Exposes Servers to Denial of Service
The cpp-httplib, a C++11 single-file header-only cross-platform HTTP/HTTPS library known for its ease of setup, is facing a serious security vulnerability. A recently identified flaw, tracked as CVE-2 ... Read more
-
Daily CyberSecurity
CVE-2025-47241: Critical Whitelist Bypass in Browser Use Exposes Internal Services
Security researchers from ARIMLABS.AI have disclosed a serious vulnerability in the Browser Use project—a tool that provides browser automation capabilities for AI agents. Tracked as CVE-2025-47241, t ... Read more
-
Daily CyberSecurity
CoGUI Phishing Kit: Advanced Evasion Tactics Target Japan
Threat actors using a sophisticated phishing kit called CoGUI have launched a torrent of Japanese-language credential theft campaigns, flooding inboxes with millions of phishing emails each month, acc ... Read more
-
Daily CyberSecurity
CVE-2025-24977: Critical RCE Flaw in OpenCTI Platform Exposes Infrastructure to Root-Level Attacks
A critical security vulnerability has been identified in the OpenCTI Platform, an open-source solution used by organizations to manage cyber threat intelligence. The vulnerability, tracked as CVE-2025 ... Read more
-
Daily CyberSecurity
Critical AWS Amplify Studio Flaw Allows Code Execution – Update Now!
A critical-severity security flaw has been identified in AWS Amplify Studio, specifically within the amplify-codegen-ui package. This vulnerability, tracked as CVE-2025-4318 and with a critical CVSSv4 ... Read more