CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data
Researchers have disclosed a series of critical zero-day vulnerabilities that completely bypass Windows BitLocker encryption, allowing attackers with physical access to extract all protected data from ... Read more
-
CybersecurityNews
28,000+ Microsoft Exchange Servers Vulnerable to CVE-2025-53786 Exposed Online
Over 28,000 unpatched Microsoft Exchange servers are exposed on the public internet and remain vulnerable to a critical security flaw designated CVE-2025-53786, according to new scanning data released ... Read more
-
Daily CyberSecurity
PyPI Rejects Malicious ZIP Archives to Block “Parser Confusion” Attacks
The Python Package Index (PyPI) has announced a set of new upload restrictions aimed at protecting Python package installers and inspection tools from ZIP parser confusion attacks. This move follows t ... Read more
-
Daily CyberSecurity
CISA Alert: Critical Flaws Expose EG4 Electronics Inverters to Remote Takeover
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a risk evaluation warning about multiple high-severity vulnerabilities affecting all versions of several EG4 Electronics inv ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
CybersecurityNews
Axis Camera Server Vulnerabilities Exposes Thousands of Organizations to Attack
Critical security flaws in Axis Communications’ surveillance infrastructure have left over 6,500 organizations worldwide vulnerable to sophisticated cyberattacks, with potential impacts spanning gover ... Read more
-
BleepingComputer
WinRAR zero-day flaw exploited by RomCom hackers in phishing attacks
A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw is a directory traversal vulnerability that was f ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)
A new report by VulnCheck exposes a critical command injection flaw (CVE-2025-53652) in the Jenkins Git Parameter plugin. Find out how this vulnerability, initially rated as medium, could allow hacker ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
The Register
Star leaky app of the week: StarDict
As Trixie gets ready to début, a little-known app is hogging the limelight: StarDict, which sends whatever text you select, unencrypted, to servers in China. A discussion on the oss-security mailing l ... Read more