CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
Daily CyberSecurity
Firefox’s New AI Feature Is Causing Major CPU Spikes and Draining Batteries
Image: Mozilla In its recent v141.0 release, Firefox introduced support for managing tab groups through a built-in artificial intelligence model. For example, when a user creates a new tab group, the ... Read more
-
CybersecurityNews
WinRAR 0-Day in Phishing Attacks to Deploy RomCom Malware
A critical zero-day vulnerability has been identified in WinRAR that cybercriminals are actively exploiting through sophisticated phishing campaigns to distribute RomCom malware. The flaw, designated ... Read more
-
The Cyber Express
BadCam Attack Turns Trusted Linux Webcams into Stealthy USB Weapons
A new class of USB-based attacks has come to light. These attacks are not just targeting removable devices, but existing, trusted peripherals already connected to systems: Linux webcams. Attackers can ... Read more
-
The Hacker News
WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately
The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day vulnerability. Tracked as CVE-2025-8088 (CVSS score: 8.8), the issue has been des ... Read more
-
Help Net Security
From legacy to SaaS: Why complexity is the enemy of enterprise security
In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approa ... Read more
-
CybersecurityNews
7-Zip Arbitrary File Write Vulnerability Let Attackers Execute Arbitrary Code
A newly disclosed security vulnerability in the popular 7-Zip file compression software has raised significant concerns in the cybersecurity community. CVE-2025-55188, discovered and reported by secur ... Read more
-
Daily CyberSecurity
Urgent Xerox FreeFlow Core Patch: Critical Flaws (CVSS 9.8) Allow RCE and SSRF
Xerox has released a security update for FreeFlow Core, addressing two high-impact vulnerabilities that could allow attackers to perform Server-Side Request Forgery (SSRF) or gain Remote Code Executio ... Read more
-
Daily CyberSecurity
CVE-2025-5095 (CVSS 9.8): Critical Flaw in ARC Solo Broadcasting Devices Allows Unauthenticated Takeover
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security advisory warning about a critical authentication bypass vulnerability affecting ARC Solo devices — widely used monitor ... Read more
-
Daily CyberSecurity
Linux Kernel Flaw (CVE-2025-38236): Privilege Escalation Risk, PoC Code Available
Security researcher Jann Horn from Google Project Zero disclosed the technical details and proof-of-concept exploit code for a high-severity vulnerability in the Linux kernel — CVE-2025-38236 (CVSS 7. ... Read more