CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
48+ Cisco Firewalls Vulnerable to Actively Exploited 0-Day Vulnerability in the Wild
A critical zero-day vulnerability affecting thousands of Cisco firewalls is being actively exploited by threat actors in the wild. The vulnerability, tracked as CVE-2025-20333, poses an immediate risk ... Read more
-
CybersecurityNews
OpenSSL Vulnerabilities Let Attackers Execute Malicious Code and Recover Private Key Remotely
The OpenSSL Project has released a critical security advisory, addressing three significant vulnerabilities that could allow attackers to execute remote code and potentially recover private cryptograp ... Read more
-
Daily CyberSecurity
CVE-2025-10725 (CVSS 9.9): Red Hat OpenShift AI Privilege Escalation Flaw Could Lead to Full Cluster Compromise
The Red Hat Security team has disclosed a serious vulnerability in Red Hat OpenShift AI, a platform designed to build, deploy, and manage machine learning (ML) models across hybrid cloud environments. ... Read more
-
Daily CyberSecurity
NVIDIA Patches Multi Flaws in Delegated License Service, Allows Unauthenticated Access and DoS
NVIDIA has issued a security bulletin addressing multiple vulnerabilities across the NVIDIA App for Windows and the Delegated License Service (DLS) component of the NVIDIA License System. The flaws ra ... Read more
-
Daily CyberSecurity
Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform
The Apache Software Foundation has published a new security advisory disclosing three vulnerabilities in Apache Kylin, a high-concurrency OLAP engine widely used for big data analytics. The vulnerabil ... Read more
-
Daily CyberSecurity
Backdoor Disguised as SOCKS5 Proxy: Malicious PyPI Package SoopSocks Grants Root Access
The security of the open-source software supply chain was once again tested when JFrog’s security research team uncovered a malicious package on PyPI. The package, named SoopSocks (XRAY-725599), masqu ... Read more
-
Daily CyberSecurity
CVE-2025-7493: Critical Flaw in FreeIPA Allows Host Users to Escalate to Domain Administrator
The FreeIPA Team has released a security advisory addressing a critical privilege escalation vulnerability (CVE-2025-7493) that could allow attackers to escalate privileges from a host-level account t ... Read more
-
TheCyberThrone
CVE-2025-41244: VMware Privilege Escalation in the Wild
October 1, 2025IntroductionOn September 29, 2025, security researchers and IT administrators across the globe were alerted to a potentially game-changing zero-day—CVE-2025-41244. This vulnerability st ... Read more
-
Daily CyberSecurity
OpenSSL Patches Three Flaws: Timing Side-Channel RCE Risk and Memory Corruption Affect All Versions
The OpenSSL Project has released a new security advisory addressing three vulnerabilities affecting multiple versions of the widely used cryptographic library. The issues range from denial-of-service ... Read more
-
Daily CyberSecurity
Hackers Hijack Industrial Cellular Routers to Launch Widespread Smishing Campaigns Across Europe
A new report from Sekoia.io’s Threat Detection & Research (TDR) team reveals how attackers are weaponizing industrial cellular routers to launch widespread smishing campaigns across Europe, with Belgi ... Read more