Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices
A threat actor that has been using known old FortiOS vulnerabilities to breach FortiGate devices for years has also been leveraging a clever trick to maintain undetected read-only access to them after ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
BentoML Vulnerability Allows Remote Code Execution on AI Servers
TL;DR: A critical deserialization vulnerability (CVSS 9.8 – CVE-2025-27520) in BentoML (v1.3.8–1.4.2) lets attackers execute remote code without authentication. Discovered by Checkmarx Zero. Upgrade t ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
BleepingComputer
Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks
Fortinet warns that threat actors use a post-exploitation technique that helps them maintain read-only access to previously compromised FortiGate VPN devices even after the original attack vector was ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
security.nl
Microsoft adviseert Windowsgebruikers inetpub-map niet te verwijderen
Microsoft adviseert Windowsgebruikers om een map genaamd 'inetpub' niet te verwijderen. De map wordt aangemaakt na de installatie van een beveiligingsupdate voor een kwetsbaarheid aangeduid als CVE-20 ... Read more
-
Cyber Security News
CISA Releases 10 ICS Advisories Covering Vulnerabilities & Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has issued ten new advisories addressing vulnerabilities in Industrial Control Systems (ICS). These advisories aim to inform stakeholders ab ... Read more
-
BleepingComputer
Microsoft: Windows 'inetpub' folder created by security fix, don’t delete
Microsoft has now confirmed that an April 2025 Windows security update is creating a new empty "inetpub" folder and warned users not to delete it. This folder is typically used by Microsoft's Internet ... Read more