CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in Flexibits Fantastical software
Vulnerability in Flexibits Fantastical software CVE ID CVE-2025-8533 Publication date 07 August 2025 Vendor Flexibits Product Fantastical Vulnerable versions All before 4.0.16 Vulnerability type (CWE) ... Read more
-
The Hacker News
Microsoft Discloses Exchange Server Flaw Enabling Silent Cloud Access in Hybrid Setups
Aug 07, 2025Ravie LakshmananVulnerability / Threat Detection Microsoft has released an advisory for a high-severity security flaw affecting on-premise versions of Exchange Server that could allow an ... Read more
-
The Hacker News
6,500 Axis Servers Expose Remoting Protocol, 4,000 in U.S. Vulnerable to Exploits
Aug 07, 2025Ravie LakshmananVulnerability / Threat Intelligence Cybersecurity researchers have disclosed multiple security flaws in video surveillance products from Axis Communications that, if succ ... Read more
-
The Hacker News
SonicWall Confirms Patched Vulnerability Behind Recent VPN Attacks, Not a Zero-Day
Aug 07, 2025Ravie LakshmananNetwork Security / Vulnerability SonicWall has revealed that the recent spike in activity targeting its Gen 7 and newer firewalls with SSL VPN enabled is related to an ol ... Read more
-
security.nl
VS deelt informatie over malware aangetroffen bij SharePoint-aanvallen
Het Amerikaanse cyberagentschap CISA heeft informatie gedeeld over malware die bij recente aanvallen tegen Microsoft SharePoint-servers is aangetroffen. Met de informatie kunnen organisaties kijken of ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
CybersecurityNews
HashiCorp Vault 0-Day Vulnerabilities Let Attackers Execute Remote Code
Security researchers uncovered a series of critical zero-day vulnerabilities in HashiCorp Vault in early August 2025, the widely adopted secrets management solution. These flaws, spanning authenticati ... Read more
-
security.nl
SonicWall: recente SSLVPN-aanvallen zeer waarschijnlijk geen zeroday
Bij recente aanvallen op SonicWall-firewalls is zeer waarschijnlijk geen gebruikgemaakt van een zerodaylek, zo laat SonicWall zelf weten. Het securitybedrijf denkt dat de aanvallen samenhangen met een ... Read more
-
BleepingComputer
Microsoft warns of high-severity flaw in hybrid Exchange deployments
Microsoft has warned customers to mitigate a high-severity vulnerability in Exchange Server hybrid deployments that could allow attackers to escalate privileges in Exchange Online cloud environments u ... Read more
-
The Cyber Express
Microsoft to Pull Plug on Shared EWS Access in Hybrid Exchange by October
Organizations using Exchange hybrid deployments should prepare for new changes taking effect over the next few months. Microsoft has announced that beginning in August 2025, it will temporarily block ... Read more