CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Microsoft komt met noodpatch voor kritiek lek in Windows Server
Microsoft heeft een noodpatch uitgebracht om een kritieke kwetsbaarheid in Windows Server "volledig" te patchen. Proof-of-concept exploitcode is inmiddels op internet beschikbaar en Microsoft verwacht ...
-
The Cyber Express
SessionReaper Exploits Erupt as Magento Sites Lag on Patching
Six weeks after Adobe shipped an emergency fix, attackers have begun weaponizing SessionReaper — and most Magento stores still stand exposed. Security firm Sansec’s forensics team said it blocked hund ...
-
CybersecurityNews
Microsoft Releases Emergency Patch For Windows Server Update Service RCE Vulnerability
Microsoft has rolled out an out-of-band emergency patch for a remote code execution (RCE) vulnerability affecting the Windows Server Update Services (WSUS). Identified as CVE-2025-59287, the issue ste ...
-
BleepingComputer
Windows Server emergency patches fix WSUS bug with PoC exploit
Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...
-
security.nl
WordPress-sites aangevallen via kritiek beveiligingslek in plug-ins
WordPress-sites zijn het doelwit van een aanval waarbij misbruik wordt gemaakt van kritieke kwetsbaarheden in twee plug-ins genaamd GutenKit en Hunk Companion. Via de beveiligingslekken kan een ongeau ...
-
cert.pl
Vulnerability in Request Tracker software
Vulnerability in Request Tracker software CVE ID CVE-2025-9158 Publication date 24 October 2025 Vendor Best Practical Product Request Tracker Vulnerable versions From 5.0.4 through 5.0.8 and from 6.0. ...
-
CybersecurityNews
Bitter APT Hackers Exploit WinRAR Zero-Day Via Weaponized Word Documents to Steal Sensitive Data
The Bitter APT group, also tracked as APT-Q-37 and known in China as 蔓灵花, has launched a sophisticated cyberespionage campaign targeting government agencies, military installations, and critical infra ...
-
Huntress
Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287)
Acknowledgments: Special thanks to Luke Wilkinson, Joshua Kiriakoff, and Jordan Sexton for their contributions to this investigation and writeup.TL;DR: Huntress has observed threat actors exploiting a ...
-
Daily CyberSecurity
Warlock Ransomware Hits US Firms Exploiting SharePoint Zero-Day, Linked to China’s CamoFei APT
Researchers from Symantec and Carbon Black have published a detailed analysis of Warlock ransomware, a newly emerging threat that made its debut in June 2025 and rapidly gained notoriety after being d ...
-
Daily CyberSecurity
PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT
Researchers from SentinelLABS, in collaboration with the Digital Security Lab of Ukraine, have exposed a coordinated spearphishing campaign aimed at humanitarian organizations and regional government ...