CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Apache Airflow Vulnerability Exposes Sensitive Details to Read-Only Users
A critical security flaw has emerged in Apache Airflow 3.0.3, exposing sensitive connection information to users with only read permissions. The vulnerability, tracked as CVE-2025-54831 and classified ... Read more
-
CybersecurityNews
New Botnet Loader-as-a-Service Exploiting Routers and IoT Devices to Deploy Mirai Payloads
A sophisticated botnet operation has emerged, employing a Loader-as-a-Service model to systematically weaponize internet-connected devices across the globe. The campaign exploits SOHO routers, IoT dev ... Read more
-
Daily CyberSecurity
CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens
The Formbricks project, an open-source platform for building in-app and website surveys, has released an urgent patch addressing a critical authentication vulnerability. Tracked as CVE-2025-59934 with ... Read more
-
CybersecurityNews
Threat Actors Exploiting SonicWall Firewalls to Deploy Akira Ransomware Using Malicious Logins
A new wave of cyberattacks targeting organizations using SonicWall firewalls has been actively deploying Akira ransomware since late July 2025. Security researchers at Arctic Wolf Labs detected a surg ... Read more
-
Daily CyberSecurity
ChatGPT Pulse Arrives: The Proactive AI Assistant That Reshapes Your Morning Routine
OpenAI has introduced a new feature within ChatGPT called “ChatGPT Pulse”, a service designed to deliver personalized daily summaries, allowing users to quickly grasp essential information at the very ... Read more
-
Help Net Security
Attackers exploited critical Fortra GoAnywhere flaw in zero-day attacks (CVE-2025-10035)
CVE-2025-10035, a perfect CVSS 10.0 vulnerability in the Fortra GoAnywhere managed file transfer solution, has apparently been exploited in zero-day attacks before the patch was released on September ... Read more
-
The Register
‘An attacker's playground:’ Crims exploit GoAnywhere perfect-10 bug
Security researchers have confirmed that threat actors have exploited the maximum-severity vulnerability affecting Fortra's GoAnywhere managed file transfer (MFT), and chastised the vendor for a lack ... Read more
-
TheCyberThrone
Critical Cisco SSL VPN Vulnerabilities
September 26, 2025The cybersecurity world is on alert after multiple critical vulnerabilities were discovered in Cisco SSL VPN solutions, specifically affecting Cisco ASA and FTD platforms. These flaw ... Read more
-
BleepingComputer
Maximum severity GoAnywhere MFT flaw exploited as zero day
Hackers are actively exploiting a maximum severity vulnerability (CVE-2025-10035) in Fortra's GoAnywhere MFT that allows injecting commands remotely without authentication. The vendor disclosed the fl ... Read more
-
security.nl
NCSC: Cisco-lekken vereisen onmiddellijke aandacht van organisaties
Drie actief aangevallen kwetsbaarheden in Cisco ASA-firewalls vereisen onmiddellijke aandacht van organisaties, zo waarschuwt het Nationaal Cyber Security Centrum (NCSC). De overheidsinstantie verwach ... Read more