CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
XWiki RCE Vulnerability Actively Exploted In Wild To Deliver Coinminer
A critical remote code execution (RCE) flaw in XWiki, a popular open-source wiki platform, was exploited in the wild to deploy cryptocurrency mining malware on compromised servers. The vulnerability, ...
-
Help Net Security
Italian-made spyware Dante linked to Chrome zero-day exploitation campaign
CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected comme ...
-
CybersecurityNews
Open-Source Firewall IPFire 2.29 With New Reporting For Intrusion Prevention System
IPFire 2.29 Core Update 198 marks a significant advancement for users of this open-source firewall, introducing enhanced Intrusion Prevention System (IPS) capabilities powered by Suricata 8.0.1. This ...
-
CybersecurityNews
Critical .NET Vulnerability Lets Attacker Bypass Security in QNAP Backup Software
Microsoft has unveiled a critical vulnerability in ASP.NET Core that could enable attackers to sidestep essential security measures. Disclosed on October 24, 2025, under CVE-2025-55315, this flaw stem ...
-
The Cyber Express
Critical Flaw CVE-2025-55315 Exposes QNAP NetBak PC Agent to Security Bypass Attacks
A critical vulnerability, tracked as CVE-2025-55315, has been identified in QNAP’s NetBak PC Agent, stemming from a flaw within Microsoft’s ASP.NET Core framework. The issue allows attackers to exploi ...
-
cert.pl
Vulnerability in Asseco Poland mMedica software
Vulnerability in Asseco Poland mMedica software CVE ID CVE-2025-9313 Publication date 28 October 2025 Vendor Asseco Poland S.A. Product mMedica Vulnerable versions All before 11.9.5 Vulnerability type ...
-
hackread.com
Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins
Mass exploitation attacks are once again targeting WordPress websites, this time through serious vulnerabilities in two popular plugins, GutenKit and Hunk Companion. Cybersecurity researchers say the ...
-
The Hacker News
Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, a ...
-
CybersecurityNews
CISA Warns Of Critical Veeder-Root Vulnerabilities Let Attackers Execute System-level Commands
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark advisory highlighting two severe vulnerabilities in Veeder-Root’s TLS4B Automatic Tank Gauge System, a critical tool ...
-
CybersecurityNews
OpenVPN Vulnerability Exposes Linux, macOS Systems to Script Injection Attacks
A new vulnerability in early versions of OpenVPN has been disclosed, potentially allowing malicious servers to execute arbitrary commands on client machines. The flaw affects OpenVPN releases from 2.7 ...