Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered
The Joomla Project has issued two security announcements addressing two significant vulnerabilities affecting its CMS and database packages, including a critical SQL injection flaw (CVE-2025-25226) an ... Read more
-
Daily CyberSecurity
Critical Vulnerabilities in Spotfire Products Allow Code Execution (CVE-2025-3114, CVE-2025-3115)
Cloud Software Group has released security advisories addressing critical vulnerabilities in its Spotfire products that could allow attackers to execute arbitrary code and compromise systems. The advi ... Read more
-
Daily CyberSecurity
Microsoft Enhances Exchange and SharePoint Security with AMSI Integration
Microsoft has announced enhanced security measures for its Exchange Server and SharePoint Server products, both of which are critical assets for many organizations. The core of this enhancement is the ... Read more
-
Daily CyberSecurity
Arista EOS: Critical Vulnerability Exposes Cleartext Transmission (CVE-2024-12378)
Arista Networks has released a security advisory addressing a critical vulnerability in its EOS (Extensible Operating System) that could lead to the transmission of sensitive information in cleartext. ... Read more
-
Daily CyberSecurity
Critical Vulnerability (CVE-2025-31498) Patched in c-ares DNS Library
The Domain Name System (DNS) plays a pivotal role, translating human-friendly domain names into the numerical IP addresses that computers understand. And at the heart of many applications facilitating ... Read more
-
SentinelOne
Re-Assessing Risk | Subdomain Takeovers As Supply Chain Attacks
Cybersecurity is defined by constant change. Whether it’s zero-days that disrupt operations and demand our immediate attention (e.g., tj-actions, XZ utility, and log4j), or the constant stream of upda ... Read more
-
Dark Reading
Zero-Day in CentreStack File Sharing Platform Under Attack
Source: Elena Uve via Alamy Stock PhotoA critical zero-day vulnerability in a file sharing platform widely used by managed services providers (MSPs) has been under exploitation since March.The vulnera ... Read more
-
cloudsecurityalliance.org
Oracle Cloud Infrastructure Breach: Mitigating Future Attacks with Agentic AI
Written by Ken Huang, CSA Fellow, Co-Chair of CSA AI Safety Working Groups. The cybersecurity community has been rocked by a significant breach of Oracle Cloud Infrastructure (OCI), specifically targe ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more