CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical .NET Flaw (CVE-2025-55315) in QNAP: NAS Backup Utility Vulnerable to Credential Theft
Earlier, Microsoft released a security update to address a critical vulnerability in ASP.NET, identified as CVE-2025-55315 with a CVSS score of 9.8. At the time, the .NET team noted that the actual se ...
-
Daily CyberSecurity
Microsoft Teams Will Auto-Track Office Location via Wi-Fi
Microsoft’s collaborative workspace platform Microsoft Teams, widely used by enterprises and professional teams, is set to receive a notable new feature this December, according to the latest roadmap ...
-
Daily CyberSecurity
Values Over Cash: Python Foundation Rejects $1.5M US Grant Over Anti-DEI Clause
In January 2025, the Python Software Foundation (PSF) submitted a proposal to the U.S. National Science Foundation (NSF) under the Open Source Ecosystem Security, Safety, and Privacy initiative, aimin ...
-
Daily CyberSecurity
Kaspersky Exposes Chrome Zero-Day RCE (CVE-2025-2783) Delivering Memento Labs Spyware in ForumTroll Campaign
Researchers at Kaspersky uncovered a sophisticated espionage campaign exploiting a zero-day vulnerability in Google Chrome and delivering commercial spyware linked to the Italian company Memento Labs ...
-
Daily CyberSecurity
High-Severity OpenVPN Flaw (CVE-2025-10680) Allows Script Injection on Linux/macOS via Malicious DNS Server
Security researchers have disclosed a high-severity vulnerability, tracked as CVE-2025-10680 (CVSS 8.8), affecting OpenVPN 2.7_alpha1 through 2.7_beta1 releases. The flaw exposes Unix-like systems to ...
-
CybersecurityNews
Apache Tomcat Security Vulnerabilities Expose Servers to Remote Code Execution Attacks
The Apache Software Foundation has highlighted critical flaws in Apache Tomcat, a widely used open-source Java servlet container that powers numerous web applications. On October 27, 2025, Apache disc ...
-
Daily CyberSecurity
SideWinder APT Shifts to PDF/ClickOnce Chain to Target South Asian Diplomacy with StealerBot
Trellix Advanced Research Center (ARC) has exposed a sophisticated espionage campaign conducted by the SideWinder APT group, targeting multiple South Asian diplomatic entities — including embassies an ...
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ...
-
Daily CyberSecurity
Apache Tomcat Patches URL Rewrite Bypass (CVE-2025-55752) Risking RCE and Console ANSI Injection
The Apache Software Foundation has released multiple security patches for Apache Tomcat, addressing three newly disclosed vulnerabilities — CVE-2025-55752, CVE-2025-55754, and CVE-2025-61795 — affecti ...
-
The Register
WSUS attacks hit 'multiple' orgs as Google and other infosec sleuths ring Redmond’s alarm bell
More threat intel teams are sounding the alarm about a critical Windows Server Update Services (WSUS) remote code execution vulnerability, tracked as CVE-2025-59287 and now under active exploitation, ...