CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
WatchTowr researchers have released a proof-of-concept (PoC) exploit that chains two vulnerabilities in SysAid On-Prem – the self-hosted version of the platform behind SysAid’s popular IT service mana ... Read more
-
security.nl
Symantec: Windows-lek voor uitkomen patch gebruikt bij malware-aanval
Een kwetsbaarheid in Windows waarvoor op 8 april een beveiligingsupdate verscheen is al voor het uitkomen van de patch gebruikt voor het verspreiden van malware, zo stelt Symantec. Eerder maakte Micro ... Read more
-
Kaspersky
Safeguarding your browsing history | Kaspersky official blog
In April, the release of version 136 of Google Chrome finally addressed a privacy issue for the browser that’s been widely known about since 2002 (which issue, btw, is also present in all other major ... Read more
-
Cyber Security News
Critical AWS Amplify Studio Vulnerability Let Attackers Execute Arbitrary Code
A critical security vulnerability in AWS Amplify Studio has been identified, potentially allowing authenticated users to execute arbitrary JavaScript code during component rendering and build processe ... Read more
-
Cyber Security News
Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware
Threat actors linked to the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows prior to its patching on April 8, 2025. The vulnerability, tracked as CVE-2025-29824, affe ... Read more
-
The Hacker News
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Vulnerability / IT Service Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited, Warns CISA
CISA warns of active exploitation of critical Langflow vulnerability (CVE-2025-3248). Critical RCE flaw allows full server takeover. Patch to version 1.3.0 now! In April 2025, cybersecurity researcher ... Read more
-
Daily CyberSecurity
Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks
Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s Common Log File System (CLFS) driver — CVE-2025-29824 — active ... Read more
-
The Hacker News
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the Unite ... Read more
-
BleepingComputer
Microsoft: April updates cause Windows Server auth issues
Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain controllers. The list of impacted platforms includes Windows Server 2016, Windows Se ... Read more