CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
CISA Releases Emergency Advisory Urges Feds to Patch Exchange Server Vulnerability by Monday
CISA has issued an emergency advisory directing all Federal Civilian Executive Branch agencies to mitigate a newly disclosed Microsoft Exchange urgently hybrid-joined vulnerability, tracked as CVE-202 ... Read more
-
Daily CyberSecurity
Android Studio Narwhal Arrives: AI Agent Mode, XR Tools, and K2 Kotlin Now in Stable Release
Google has officially released the stable version of Android Studio Narwhal Feature Drop, a development platform whose core updates center on AI collaboration and extended/virtual reality (XR) develop ... Read more
-
Daily CyberSecurity
RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers
Socket’s Threat Research Team has revealed a long-running supply chain attack in the RubyGems ecosystem, where a single threat actor—operating under aliases including zon, nowon, kwonsoonje, and soonj ... Read more
-
Daily CyberSecurity
Critical JWE Ruby Flaw (CVE-2025-54887) Bypasses AES-GCM Authentication, Exposing Encrypted Data
A severe security vulnerability has been uncovered in the Ruby implementation of JSON Web Encryption (JWE), tracked as CVE-2025-54887, carrying a CVSS score of 9.1. The flaw stems from missing authent ... Read more
-
BleepingComputer
CISA orders fed agencies to patch new Exchange flaw by Monday
CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical Microsoft Exchange hybrid vulnerability tracked as CVE-2025-53786 by Monday ... Read more
-
The Hacker News
SocGholish Malware Spread via Ad Tools; Delivers Access to LockBit, Evil Corp, and Others
Aug 07, 2025Ravie LakshmananMalware / Threat Intelligence The threat actors behind the SocGholish malware have been observed leveraging Traffic Distribution Systems (TDSs) like Parrot TDS and Keitar ... Read more
-
The Register
Microsoft, CISA warn yet another Exchange server bug can lead to 'total domain compromise'
Microsoft and the feds late Wednesday sounded the alarm on another high-severity bug in Exchange Server hybrid deployments that could allow attackers to escalate privileges from on-premises Exchange t ... Read more
-
CybersecurityNews
SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability
Cybersecurity firm SonicWall has officially addressed recent concerns about a potential new zero-day vulnerability in its Secure Sockets Layer Virtual Private Network (SSLVPN) products. In a statement ... Read more
-
TheCyberThrone
CVE-2025-53786 affects Microsoft Exchange
August 7, 2025CVE-2025-53786 is a high-severity elevation of privilege vulnerability found in Microsoft Exchange Server hybrid deployments. The flaw allows an attacker with administrative access to an ... Read more
-
BleepingComputer
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw. The company says that the attacker ... Read more