CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
New TamperedChef Malware Leverages Productivity Tools to Gain Access and Exfiltrate Sensitive Data
A sophisticated malware campaign has emerged that weaponizes seemingly legitimate productivity tools to infiltrate systems and steal sensitive information. The TamperedChef malware represents a concer ... Read more
-
The Hacker News
⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More
Sep 29, 2025Ravie LakshmananCybersecurity / Hacking News Cybersecurity never stops—and neither do hackers. While you wrapped up last week, new attacks were already underway. From hidden software bug ... Read more
-
CybersecurityNews
WhatsApp 0-Click Vulnerability Exploited Using Malicious DNG File
Security researchers detailed a zero-click remote code execution (RCE) vulnerability affecting WhatsApp on Apple’s iOS, macOS, and iPadOS platforms. The attack chain exploits two distinct vulnerabilit ... Read more
-
cert.pl
Vulnerability in CivetWeb software
Vulnerability in CivetWeb software CVE ID CVE-2025-9648 Publication date 29 September 2025 Vendor CivetWeb Product CivetWeb Vulnerable versions All before 1.08 Vulnerability type (CWE) Improper Neutra ... Read more
-
CybersecurityNews
SUSE Rancher Vulnerabilities Let Attackers Lockout the Administrators Account
A critical flaw in SUSE Rancher’s user management module allows privileged users to disrupt administrative access by modifying usernames of other accounts. Tracked as CVE-2024-58260, this vulnerabilit ... Read more
-
The Cyber Express
Google Project Zero Exposes ASLR Bypass Vulnerability in Apple’s Serialization Framework
Google Project Zero has revealed a new technique capable of bypassing Address Space Layout Randomization (ASLR) protections on Apple devices. The finding, published by security researcher Jann Horn, s ... Read more
-
CybersecurityNews
Lesson From Cisco ASA 0-Day RCE Vulnerability That Actively Exploited In The Wild
The cybersecurity landscape experienced a significant escalation in September 2025, when Cisco disclosed multiple critical zero-day vulnerabilities affecting its Adaptive Security Appliance (ASA) and ... Read more
-
CybersecurityNews
Formbricks Signature Verification Vulnerability Let Attackers Reset User Passwords Without Authorization
A critical security flaw discovered in Formbricks, an open-source experience management platform, demonstrates how missing JWT signature verification can lead to complete account takeovers. The vulner ... Read more
-
security.nl
Criminelen rollen ransomware uit via MFA-beveiligde SonicWall VPN-accounts
Criminelen maken gebruik van met multifactorauthenticatie (MFA) beveiligde SSL VPN-accounts van SonicWall-firewalls om bij organisaties ransomware uit te rollen, zo meldt securitybedrijf Arctic Wolf. ... Read more
-
CybersecurityNews
Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code
A newly discovered DLL hijacking vulnerability in Notepad++, the popular source code editor, could allow attackers to execute arbitrary code on a victim’s machine. Tracked as CVE-2025-56383, the flaw ... Read more