CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in NetBird VPN software
Vulnerability in NetBird VPN software CVE ID CVE-2025-10678 Publication date 20 October 2025 Vendor NetBird VPN Product NetBird Vulnerable versions All before 0.57.0 Vulnerability type (CWE) Use of De ...
-
The Register
A simple AI prompt saved a developer from this job interview scam
INFOSEC IN BRIEF Engineer David Dodda says he was just "30 seconds away" from running malware on his own computer after nearly falling victim to a North Korea-type job interview scam with a "legitimat ...
-
CybersecurityNews
PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical vulnerability in Microsoft’s Windows Server Update Services (WSUS), enabling unauthenticated attackers to execute remote code with SYS ...
-
Daily CyberSecurity
Critical Squid Proxy Flaw (CVE-2025-62168, CVSS 10.0) Leaks HTTP Credentials and Security Tokens via Error Handling
The developers of Squid, the widely used open-source caching proxy for web traffic acceleration, have disclosed and patched a critical information disclosure vulnerability tracked as CVE-2025-62168 (C ...
-
Daily CyberSecurity
GlassWorm Supply Chain Worm Uses Invisible Unicode and Solana Blockchain for Stealth C2
Cybersecurity researchers at Koi Security have discovered the world’s first self-propagating malware targeting VS Code extensions on the OpenVSX Marketplace. Dubbed GlassWorm, the threat marks a histo ...
-
Daily CyberSecurity
Critical Moxa Flaw (CVE-2025-6950, CVSS 9.9) Allows Unauthenticated Admin Takeover via Hard-Coded JWT Secret
Moxa, a leading manufacturer of industrial networking and security appliances, has released an urgent security advisory addressing five critical vulnerabilities affecting multiple product series, incl ...
-
Daily CyberSecurity
Critical Keras 3 RCE Flaw (CVE-2025-49655, CVSS 9.8) Allows Code Execution on Model Load
Researchers at HiddenLayer have disclosed a critical arbitrary code execution vulnerability in the Keras 3 deep learning framework (CVE-2025-49655, CVSS 9.8), which affects the Torch backend of Keras ...
-
CybersecurityNews
PoC Exploit Released for Linux-PAM Vulnerability Allowing Root Privilege Escalation
A high-severity vulnerability in the Pluggable Authentication Modules (PAM) framework was assigned the identifier CVE-2025-8941. This vulnerability stems from the heart of Linux operating systems, ena ...
-
CybersecurityNews
WatchGuard VPN Vulnerability Let Remote Attacker Execute Arbitrary Code
WatchGuard has disclosed a critical out-of-bounds write vulnerability in its Fireware OS, enabling remote unauthenticated attackers to execute arbitrary code via IKEv2 VPN connections. Designated CVE- ...
-
Help Net Security
Week in review: F5 data breach, Microsoft patches three actively exploited zero-days
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Building a healthcare cybersecurity strategy that works In this Help Net Security interview, Wayman Cu ...