Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
Daily CyberSecurity
Critical Axios Flaw (CVE-2025-54371) in Form-Data Dependency Exposes Millions to HTTP Manipulation
Axios, the popular promise-based HTTP client for Node.js and browsers, has been found vulnerable through a critical flaw in a transitive dependency, putting millions of applications at risk of multipa ... Read more
-
Daily CyberSecurity
Dropping Elephant Targets Türkiye’s Missile Industry with Stealthy Conference Lures & VLC DLL Sideloading
Arctic Wolf Labs has uncovered a new cyber-espionage campaign orchestrated by the threat actor Dropping Elephant, targeting Türkiye’s defense industrial base—specifically a manufacturer of precision-g ... Read more
-
Daily CyberSecurity
400,000 WordPress Sites at Risk: CVE-2025-24000 in Post SMTP Plugin Allows Full Site Takeover
A vulnerability in the popular Post SMTP WordPress plugin—installed on over 400,000 websites—has been disclosed by Patchstack, exposing sites to full account takeover attacks via broken access control ... Read more
-
Daily CyberSecurity
High-Severity SQL Injection (CVE-2025-52914) in Mitel MiCollab Allows Data Access, Command Execution
Mitel has released a security advisory addressing a high-severity SQL injection vulnerability in its MiCollab platform—an issue that could allow authenticated attackers to execute arbitrary database c ... Read more
-
The Register
No login? No problem: Cisco ISE flaw gave root access before fix arrived, say researchers
Threat actors have actively exploited a newly patched vulnerability in Cisco's Identity Services Engine (ISE) software since early July, weeks before the networking giant got around to issuing a fix. ... Read more
-
CybersecurityNews
TP-Link Network Video Recorder Vulnerability Let Attackers Execute Arbitrary Commands
Two high-severity vulnerabilities in TP-Link VIGI network video recorder (NVR) systems could allow attackers to execute arbitrary commands on affected devices. The security flaws, identified as CVE-20 ... Read more
-
CybersecurityNews
SharePoint 0-day Vulnerability Exploited in Wild by All Sorts of Hacker Groups
A critical zero-day vulnerability in Microsoft SharePoint servers has become a playground for threat actors across the cybercriminal spectrum, with attacks ranging from opportunistic hackers to sophis ... Read more
-
The Hacker News
Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems
Jul 24, 2025Ravie LakshmananVulnerability / Network Security Mitel has released security updates to address a critical security flaw in MiVoice MX-ONE that could allow an attacker to bypass authenti ... Read more
-
The Hacker News
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments
Jul 24, 2025Ravie LakshmananVirtualization / Network Security Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espion ... Read more