CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Huntress
Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287)
Acknowledgments: Special thanks to Luke Wilkinson, Joshua Kiriakoff, and Jordan Sexton for their contributions to this investigation and writeup.TL;DR: Huntress has observed threat actors exploiting a ...
-
Daily CyberSecurity
Warlock Ransomware Hits US Firms Exploiting SharePoint Zero-Day, Linked to China’s CamoFei APT
Researchers from Symantec and Carbon Black have published a detailed analysis of Warlock ransomware, a newly emerging threat that made its debut in June 2025 and rapidly gained notoriety after being d ...
-
Daily CyberSecurity
PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT
Researchers from SentinelLABS, in collaboration with the Digital Security Lab of Ukraine, have exposed a coordinated spearphishing campaign aimed at humanitarian organizations and regional government ...
-
hackread.com
Medusa Ransomware Leaks 834 GB of Comcast Data After $1.2M Demand
The Medusa ransomware group has leaked 186.36 GB of compressed data it claimed to have stolen from Comcast Corporation, a global media and technology company. According to Hackread.com’s earlier repor ...
-
The Register
Norks droning on about your dream job while pwning your PC
North Korea's Lazarus Group has successfully compromised Europe's unmanned aerial vehicle (UAV) sector with its Operation DreamJob campaign, which promises job seekers lucrative employment opportuniti ...
-
BleepingComputer
CISA warns of Lanscope Endpoint Manager flaw exploited in attacks
The Cybersecurity & Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in the Motex Landscope Endpoint Manager. The flaw is tracked as CVE-2025-61932 ...
-
The Register
Microsoft suggests temporary registry hack for stricken smart card users
Microsoft accidentally broke several things in the October 2025 Windows Update, but smart card authentication was not one of them. That was intentionally broken, and the temporary workaround requires ...
-
Help Net Security
Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)
CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day since April 2025, the Japan Computer ...
-
cybereason.com
Cybereason TTP Briefing Q3 2025: LOLBINs and CVE Exploits Dominate
Explore the latest trends, techniques, and procedures (TTPs) our incident response (IR) experts are actively facing with the TTP Briefing Q3 2025, a report built on frontline threat intelligence from ...
-
CybersecurityNews
Hackers Exploiting Adobe Magento RCE Vulnerability Exploited in the Wild – 3 in 5 Stores Vulnerable
Hackers have begun actively targeting a critical remote code execution flaw in Adobe’s Magento e-commerce platform, putting thousands of online stores at immediate risk just six weeks after Adobe issu ...