CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Google Rolls Out Chrome 142 Patching 20 Security Flaws
The Google Chrome team has urgently promoted Chrome version 142 to the stable channel for Windows, Mac, and Linux, addressing a major security risk for all desktop users. The update, version 142.0.744 ...
-
seclists.org
Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: josephgoyd via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 29 Oct 2025 11:15:18 +0000 The exploit I caught in the wild and the flow of the at ...
-
seclists.org
Re: : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: Christoph Gruber <list () guru at> Date: Wed, 29 Oct 2025 06:44:04 +0100 It seems, the whole account is down -- Christoph Gruber Am 29.10.2025 um 03:37 schr ...
-
seclists.org
Dovecot CVE-2025-30189: Auth cache causes access to wrong account
Full Disclosure mailing list archives Dovecot CVE-2025-30189: Auth cache causes access to wrong account From: Aki Tuomi via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 29 Oct 2025 10:22 ...
-
Daily CyberSecurity
Researcher Details Critical Authentication Bypasses in WSO2 API Manager and Identity Server
Security researcher Crnkovic has disclosed three critical vulnerabilities — CVE-2025-9152, CVE-2025-10611, and CVE-2025-9804 — in WSO2 API Manager and WSO2 Identity Server, each scoring 9.8 on the CVS ...
-
Daily CyberSecurity
TEE.fail: Researchers Break Intel SGX/TDX and AMD SEV-SNP with Sub-$1,000 DDR5 Memory Bus Attack
In a study titled “TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition,” researchers from Georgia Tech and Purdue University have demonstrated that even the latest Inte ...
-
Daily CyberSecurity
Researcher Details Windows Cloud Files Mini Filter Driver Elevation of Privilege Flaw (CVE-2025-55680)
Researchers from Exodus Intelligence, led by Michele Campa, have disclosed a privilege-escalation vulnerability in Microsoft’s Cloud Files Minifilter driver (cldflt.sys) that affects all versions of W ...
-
BleepingComputer
WordPress security plugin exposes private data to site subscribers
The Anti-Malware Security and Brute-Force Firewall plugin for WordPress, installed on over 100,000 sites, has a vulnerability that allows subscribers to read any file on the server, potentially exposi ...
-
hackread.com
Hackers Hijack Corporate XWiki Servers for Crypto Mining
A critical security flaw is being actively exploited by cybercriminals to compromise corporate XWiki servers for cryptomining. This is an urgent threat targeting unpatched installations of the open-so ...
-
CybersecurityNews
WordPress Plugin Vulnerability Exposes 7 Million Sites to XSS Attack
A critical cross-site scripting (XSS) vulnerability has been discovered in the popular LiteSpeed Cache plugin for WordPress, affecting millions of websites worldwide. The vulnerability, tracked as CVE ...