CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
APPLE-SA-12-12-2025-3 macOS Tahoe 26.2
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 12 Dec 2025 14:56:07 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ...
-
seclists.org
APPLE-SA-12-12-2025-2 iOS 18.7.3 and iPadOS 18.7.3
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 12 Dec 2025 14:55:33 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ...
-
seclists.org
APPLE-SA-12-12-2025-1 iOS 26.2 and iPadOS 26.2
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 12 Dec 2025 14:54:58 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ...
-
Daily CyberSecurity
Critical OpenShift GitOps Flaw Risks Cluster Takeover (CVE-2025-13888) via Privilege Escalation to Root
A critical vulnerability has been uncovered in Red Hat OpenShift GitOps, exposing Kubernetes clusters to a complete takeover by users with limited privileges. Tracked as CVE-2025-13888 with a severity ...
-
Daily CyberSecurity
Critical ScreenConnect Flaw (CVE-2025-14265) Risks Config Exposure & Untrusted Extension Installation
ConnectWise has issued an important security update for its widely used remote support software, ScreenConnect, addressing a critical vulnerability that could expose sensitive configuration data. The ...
-
Daily CyberSecurity
Enterprise Alert: Windows 10 Update KB5071546 Breaks MSMQ Service with Insufficient Permissions
Microsoft has recently published documentation confirming that installing the extended security update KB5071546 on Windows 10 can cause failures in Microsoft Message Queuing (MSMQ). MSMQ is a service ...
-
Daily CyberSecurity
Critical FortiGate SSO Flaw Under Active Exploitation: Attackers Bypass Auth and Exfiltrate Configs
A critical security crisis is unfolding for Fortinet administrators this week. Just days after the vendor disclosed two high-severity vulnerabilities, threat actors have begun actively exploiting them ...
-
Daily CyberSecurity
5-Year Threat: Malicious NuGet Package Used Homoglyphs and Typosquatting to Steal Crypto Wallets
Image: Socket A malicious NuGet package masquerading as a popular .NET logging tool has been caught stealing cryptocurrency wallet data for over five years. The package, Tracer.Fody.NLog, successfully ...
-
Daily CyberSecurity
macOS LPE Flaw Resurfaces: .localized Directory Exploited to Hijack Installers and Gain Root Access
A stubborn vulnerability in macOS third-party installers has resurfaced, allowing attackers to hijack privileged processes and gain root access to a system. Discovered by security researcher Csaba Fit ...
-
Daily CyberSecurity
BlackForce PhaaS Weaponizes React and Stateful Sessions to Bypass MFA & Steal Credentials
A sophisticated new player has entered the Phishing-as-a-Service (PhaaS) market, offering cybercriminals a powerful toolset designed to bypass modern security controls with alarming ease. Dubbed Black ...