CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
ReVault flaws let hackers bypass Windows login on Dell laptops
ControlVault3 firmware vulnerabilities impacting over 100 Dell laptop models can allow attackers to bypass Windows login and install malware that persists across system reinstalls. Dell ControlVault i ... Read more
-
CrowdStrike.com
Preventing Container Escape Attempts with Falcon Cloud Security's Enhanced Runtime Capabilities
Container escape represents one of the most significant security threats in modern cloud computing environments. This allows attackers to break free from container isolation mechanisms, potentially le ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
Help Net Security
Trend Micro Apex One flaws exploted in the wild (CVE-2025-54948, CVE-2025-54987)
Unauthenticated command injection vulnerabilities (CVE-2025-54948, CVE-2025-54987) affecting the on-premise version of Trend Micro’s Apex One endpoint security platform are being probed by attackers, ... Read more
-
security.nl
Aanvallers gebruiken ThrottleStop-driver voor uitschakelen antivirussoftware
Aanvallers maken gebruik van een kwetsbaarheid in een driver van TechPowerUp ThrottleStop om antivirussoftware op systemen uit te schakelen en uiteindelijk ransomware uit te rollen. Dat laat antivirus ... Read more
-
CybersecurityNews
Chinese Hackers Exploit SharePoint Vulnerabilities to Deploy Toolsets Includes Backdoor, Ransomware and Loaders
A sophisticated Chinese threat actor has been exploiting critical vulnerabilities in Microsoft SharePoint to deploy an advanced malware toolset dubbed “Project AK47,” according to new research publish ... Read more
-
CybersecurityNews
Adobe AEM Forms 0-Day Vulnerability Let Attackers Execute Arbitrary Code
Adobe has released an urgent security update for Adobe Experience Manager Forms on Java Enterprise Edition (JEE) to address two critical zero-day vulnerabilities that could allow attackers to execute ... Read more
-
BleepingComputer
Trend Micro warns of Apex One zero-day exploited in attacks
Trend Micro has warned customers to immediately secure their systems against an actively exploited remote code execution vulnerability in its Apex One endpoint security platform. Apex One is an endpoi ... Read more
-
Kaspersky
Driver of destruction: How a legitimate driver is being used to take down AV processes
Introduction In a recent incident response case in Brazil, we spotted intriguing new antivirus (AV) killer software that has been circulating in the wild since at least October 2024. This malicious ar ... Read more
-
security.nl
Trend Micro waarschuwt voor actief misbruik van Apex One-lek
Antivirusbedrijf Trend Micro waarschuwt klanten voor actief misbruik van een kritieke kwetsbaarheid in endpoint security platform Apex One en heeft een tijdelijke oplossing uitgebracht om organisaties ... Read more