Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
WordPress Plugin Vulnerability Exposes Millions of Websites to Script Injection Attacks
A critical security vulnerability in the Essential Addons for Elementor plugin (CVE-2025-24752) has put over two million WordPress websites at risk of cross-site scripting (XSS) attacks. The vulnerabi ... Read more
-
Cyber Security News
2850+ Ivanti Connect Secure Devices Vulnerable to Remote Code Execution Attacks
A critical vulnerability, CVE-2025-22467, in Ivanti Connect Secure (ICS) devices has left approximately 2,850 instances worldwide unpatched and vulnerable to remote code execution (RCE) attacks. This ... Read more
-
The Register
200-plus impressively convincing GitHub repos are serving up malware
Infosec bytes Kaspersky says it has found more than 200 GitHub repos hosting fairly convincing-looking fake projects laced with malicious software. The Russian infosec house reckons the rotten reposit ... Read more
-
CrowdStrike.com
February 2025 Patch Tuesday: Four Zero-Days and Three Critical Vulnerabilities Among 67 CVEs
Microsoft has released security updates for 67 vulnerabilities in its February 2025 Patch Tuesday rollout. Among these are three Critical vulnerabilities and four zero-days affecting the Windows NTLMv ... Read more
-
Cyber Security News
CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory on February 25, 2025, confirming that threat actors are actively exploiting a critical privilege escalation v ... Read more
-
The Hacker News
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
Enterprise Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collabor ... Read more
-
CrowdStrike.com
February 2025 Patch Tuesday: Four Zero-Days and Three Critical Vulnerabilities Among 67 CVEs
Microsoft has released security updates for 67 vulnerabilities in its February 2025 Patch Tuesday rollout. Among these are three Critical vulnerabilities and four zero-days affecting the Windows NTLMv ... Read more
-
Cybersecurity News
CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published
A set of high-risk vulnerabilities has been disclosed in Rsync, the widely used file synchronization and data transfer tool. Security researchers Simon Scannell, Pedro Gallegos, and Jasiel Spelman fro ... Read more
-
Cybersecurity News
SoaPy: A New Tool for Stealthy Active Directory Enumeration via ADWS
Enumeration of service accounts using SoaPy | Image: IBMIBM X-Force Research has introduced SoaPy, a new Python-based tool designed for stealthy Active Directory (AD) enumeration using Active Director ... Read more
-
Cybersecurity News
CISA Flags Actively Exploited Zimbra (CVE-2023-34192) and Microsoft (CVE-2024-49035) Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This move underscores the ur ... Read more