CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Details emerge on WinRAR zero-day attacks that infected PCs with malware
Researchers have released a report detailing how a recent WinRAR path traversal vulnerability tracked as CVE-2025-8088 was exploited in zero-day attacks by the Russian 'RomCom' hacking group to drop d ... Read more
-
The Hacker News
New TETRA Radio Encryption Flaws Expose Law Enforcement Communications
Cybersecurity researchers have discovered a fresh set of security issues in the Terrestrial Trunked Radio (TETRA) communications protocol, including in its proprietary end-to-end encryption (E2EE) mec ... Read more
-
TheCyberThrone
CVE-2025-8088 WinRAR Zero-Day Vulnerability
August 11, 2025What is CVE-2025-8088?CVE-2025-8088 refers to a critical zero-day vulnerability in the Windows version of WinRAR—a widely used file archive utility.The flaw was actively exploited befor ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
The Hacker News
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Aug 11, 2025Ravie LakshmananVulnerability / Network Security Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as e ... Read more
-
security.nl
Google beloont onderzoeker met 250.000 dollar voor melden van Chrome-lek
Google heeft een beveiligingsonderzoeker voor een kwetsbaarheid in Chrome een beloning van 250.000 dollar uitgekeerd. Het is één van de hoogste bug bounties die het techbedrijf ooit heeft uitgeloofd. ... Read more
-
cert.pl
TCC Bypass vulnerability in GIMP application for MacOS
TCC Bypass vulnerability in GIMP application for MacOS CVE ID CVE-2025-8672 Publication date 11 August 2025 Vendor GIMP Product GIMP Vulnerable versions All before 3.1.4.2 Vulnerability type (CWE) Inc ... Read more
-
CybersecurityNews
Hackers Weaponized Linux Webcams as Attack Tools to Inject Keystrokes and Launch Attacks
A critical vulnerability was uncovered that transforms ordinary Linux-powered webcams into weaponized BadUSB attack tools, enabling remote hackers to inject malicious keystrokes and compromise target ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
Help Net Security
Win-DDoS: Attackers can turn public domain controllers into DDoS agents
SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one one of which (CVE-2025-3272 ... Read more