CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Apache Kylin Flaw: Authentication Bypass and SSRF Vulnerabilities Found in Big Data Platform
The Apache Software Foundation has published a new security advisory disclosing three vulnerabilities in Apache Kylin, a high-concurrency OLAP engine widely used for big data analytics. The vulnerabil ... Read more
-
Daily CyberSecurity
Backdoor Disguised as SOCKS5 Proxy: Malicious PyPI Package SoopSocks Grants Root Access
The security of the open-source software supply chain was once again tested when JFrog’s security research team uncovered a malicious package on PyPI. The package, named SoopSocks (XRAY-725599), masqu ... Read more
-
Daily CyberSecurity
CVE-2025-7493: Critical Flaw in FreeIPA Allows Host Users to Escalate to Domain Administrator
The FreeIPA Team has released a security advisory addressing a critical privilege escalation vulnerability (CVE-2025-7493) that could allow attackers to escalate privileges from a host-level account t ... Read more
-
TheCyberThrone
CVE-2025-41244: VMware Privilege Escalation in the Wild
October 1, 2025IntroductionOn September 29, 2025, security researchers and IT administrators across the globe were alerted to a potentially game-changing zero-day—CVE-2025-41244. This vulnerability st ... Read more
-
Daily CyberSecurity
OpenSSL Patches Three Flaws: Timing Side-Channel RCE Risk and Memory Corruption Affect All Versions
The OpenSSL Project has released a new security advisory addressing three vulnerabilities affecting multiple versions of the widely used cryptographic library. The issues range from denial-of-service ... Read more
-
Daily CyberSecurity
Hackers Hijack Industrial Cellular Routers to Launch Widespread Smishing Campaigns Across Europe
A new report from Sekoia.io’s Threat Detection & Research (TDR) team reveals how attackers are weaponizing industrial cellular routers to launch widespread smishing campaigns across Europe, with Belgi ... Read more
-
CybersecurityNews
CISA Warns of Libraesva ESG Command Injection Vulnerability Actively Exploited in Attacks
In late September 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued a public alert regarding the active exploitation of a critical command injection vulnerability tracked as CVE ... Read more
-
The Cyber Express
New VMware Vulnerability CVE-2025-41244 Actively Exploited Since October 2024
A newly listed VMware zero-day vulnerability has been actively exploited by Chinese state-sponsored threat actors for almost a year, according to security researchers. The vulnerability, CVE-2025-4124 ... Read more
-
The Hacker News
$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections
A group of academics from KU Leuven and the University of Birmingham has demonstrated a new vulnerability called Battering RAM to bypass the latest defenses on Intel and AMD cloud processors. "We buil ... Read more
-
CybersecurityNews
APT35 Hackers Attacking Government, Military Organizations to Steal Login Credentials
In recent months, a surge in targeted intrusions attributed to the Iranian-aligned threat group APT35 has set off alarm bells across government and military networks worldwide. First detected in early ... Read more