CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
security.nl
Duizenden SonicWall-appliances missen update voor buffer overflows
Duizenden appliances van SonicWall, waarvan zo'n honderd in Nederland, missen een beveiligingsupdate voor verschillende kwetsbaarheden die tot buffer overflows kunnen leiden en het mogelijk voor ongea ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
security.nl
Amerikaanse overheid opgedragen Exchange-lek voor maandag te patchen
Het Amerikaanse cyberagentschap CISA heeft Amerikaanse overheidsinstanties opgedragen een nieuwe kwetsbaarheid in Exchange Server voor maandagochtend 9.00 uur te patchen. Volgens het CISA vormt het be ... Read more
-
Help Net Security
August 2025 Patch Tuesday forecast: Try, try, again
July turned into a surprisingly busy month. It started slowly with a fairly ‘calm’ Patch Tuesday as I forecasted in my last blog. Although there were 130 new CVEs addressed across all the Microsoft re ... Read more
-
CybersecurityNews
CISA Releases Emergency Advisory Urges Feds to Patch Exchange Server Vulnerability by Monday
CISA has issued an emergency advisory directing all Federal Civilian Executive Branch agencies to mitigate a newly disclosed Microsoft Exchange urgently hybrid-joined vulnerability, tracked as CVE-202 ... Read more
-
Daily CyberSecurity
Android Studio Narwhal Arrives: AI Agent Mode, XR Tools, and K2 Kotlin Now in Stable Release
Google has officially released the stable version of Android Studio Narwhal Feature Drop, a development platform whose core updates center on AI collaboration and extended/virtual reality (XR) develop ... Read more
-
Daily CyberSecurity
RubyGems Under Attack: 60 Malicious Packages Found Stealing Credentials from Grey-Hat Marketers
Socket’s Threat Research Team has revealed a long-running supply chain attack in the RubyGems ecosystem, where a single threat actor—operating under aliases including zon, nowon, kwonsoonje, and soonj ... Read more
-
Daily CyberSecurity
Critical JWE Ruby Flaw (CVE-2025-54887) Bypasses AES-GCM Authentication, Exposing Encrypted Data
A severe security vulnerability has been uncovered in the Ruby implementation of JSON Web Encryption (JWE), tracked as CVE-2025-54887, carrying a CVSS score of 9.1. The flaw stems from missing authent ... Read more
-
BleepingComputer
CISA orders fed agencies to patch new Exchange flaw by Monday
CISA has issued an emergency directive ordering all Federal Civilian Executive Branch (FCEB) agencies to mitigate a critical Microsoft Exchange hybrid vulnerability tracked as CVE-2025-53786 by Monday ... Read more