CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
GitLab Patch: Fixes CI/CD Credential Theft & Unauthenticated DoS Attacks
GitLab has released an important security update today affecting both its Community Edition (CE) and Enterprise Edition (EE). The release addresses multiple high-severity vulnerabilities, ranging from ...
-
BleepingComputer
New ShadowV2 botnet malware used AWS outage as a test opportunity
A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. Fortinet’s FortiGuard Labs re ...
-
Kaspersky
Microsoft Exchange on-premises hardening recommendations
Few cybersecurity experts would dispute that attacks on Microsoft Exchange servers should be viewed as inevitable, and the risk of compromise remains consistently high. In October, Microsoft ended sup ...
-
BleepingComputer
Popular Forge library gets fix for signature verification bypass flaw
A vulnerability in the ‘node-forge’ package, a popular JavaScript cryptography library, could be exploited to bypass signature verifications by crafting data that appears valid. The flaw is tracked as ...
-
The Register
Botnet takes advantage of AWS outage to smack 28 countries
A Mirai-based botnet named ShadowV2 emerged during last October's widespread AWS outage, infecting IoT devices across industries and continents, likely serving as a "test run" for future attacks, acco ...
-
CybersecurityNews
Water Gamayun APT Hackers Exploit MSC EvilTwin Vulnerability to Inject Malicious Code
Water Gamayun, a persistent threat group, has recently intensified its efforts by exploiting a newly identified MSC EvilTwin vulnerability (CVE-2025-26633) in Windows systems. This malware campaign is ...
-
security.nl
Asus waarschuwt voor kritieke AiCloud-kwetsbaarheid in routers
Asus waarschuwt voor een kritieke kwetsbaarheid in AiCloud, waardoor een ongeauthenticeerde aanvaller op afstand toegang tot routers kan krijgen. Er zijn firmware-updates uitgebracht om het probleem t ...
-
CybersecurityNews
Hackers Exploit NTLM Authentication Flaws to Target Windows Systems
More than two decades after its initial discovery, the NTLM authentication protocol continues to plague Windows systems worldwide. What started in 2001 as a theoretical vulnerability has evolved into ...
-
BleepingComputer
ASUS warns of new critical auth bypass flaw in AiCloud routers
ASUS has released new firmware to patch nine security vulnerabilities, including a critical authentication bypass flaw in routers with AiCloud enabled. AiCloud is a cloud-based remote access feature t ...
-
Kaspersky
Old tech, new vulnerabilities: NTLM abuse, ongoing exploitation in 2025
Just like the 2000s Flip phones grew popular, Windows XP debuted on personal computers, Apple introduced the iPod, peer-to-peer file sharing via torrents was taking off, and MSN Messenger dominated on ...