CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CRITICAL Cisco Zero-Day (CVE-2025-20333, CVSS 9.9) Under Active Attack: VPN Flaw Allows Root RCE
Cisco has disclosed a zero-day vulnerability affecting its Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software. Tracked as CVE-2025-20333 with ... Read more
-
Daily CyberSecurity
Cisco Warns of Critical RCE Flaw (CVE-2025-20363) Affecting Firewall and Router Software
Cisco has disclosed a critical vulnerability affecting multiple product lines, including Secure Firewall ASA, Secure Firewall Threat Defense (FTD), IOS, IOS XE, and IOS XR Software. Tracked as CVE-202 ... Read more
-
Daily CyberSecurity
Supply Chain Attack: Malicious Rust Crates Steal Solana and Ethereum Private Keys
Image: Socket’s Threat Research Team Socket’s Threat Research Team has uncovered a supply chain attack involving two malicious Rust crates—faster_log and async_println—that impersonated the legitimate ... Read more
-
Daily CyberSecurity
Cisco Zero-Day CVE-2025-20362 Under Attack: VPN Flaw in ASA/FTD Exposes Restricted Resources
Cisco has released software updates addressing a zero-day vulnerability in the VPN web server of its Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) ... Read more
-
Daily CyberSecurity
CVE-2025-54831: Apache Airflow Bug Exposes Sensitive Connection Passwords to Read-Only Users
The Apache Software Foundation has released a fix for Apache Airflow, a popular open-source platform for authoring, scheduling, and monitoring workflows. The update addresses CVE-2025-54831, an import ... Read more
-
Daily CyberSecurity
GitLab Fixes High-Severity DoS Flaws: Unauthenticated Attackers Could Crash Instances
GitLab has released security updates for versions 18.4.1, 18.3.3, and 18.2.7 of its Community Edition (CE) and Enterprise Edition (EE). The company urges all self-managed users to upgrade immediately, ... Read more
-
Daily CyberSecurity
NVIDIA Patches High-Severity Code Injection Flaws in Megatron-LM AI Framework
Nvidia has issued an important security update addressing multiple high-severity vulnerabilities in its open-source Megatron-LM project, a large language model (LLM) framework widely used in AI resear ... Read more
-
Daily CyberSecurity
LNK Stomping: Attackers Bypass Windows Security by Stripping the ‘Mark of the Web’
Executing the lnk file using the LNK Stomping attack technique Windows shortcut files (.LNK) were designed to simplify user navigation, but for years, they’ve been a favorite tool in the attacker’s ar ... Read more
-
seclists.org
SEC Consult SA-20250925-0 :: Multiple Vulnerabilities in iMonitorSoft EAM employee monitoring #CVE-2025-10540 #CVE-2025-10541 #CVE-2025-10542
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 25 Sep 2025 11:59:35 +0000 SEC Consult Vulnerability Lab Securi ... Read more
-
seclists.org
SEC Consult SA-20250923-0 :: Missing Certificate Validation leading to RCE in CleverControl employee monitoring software #CVE-2025-10548
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 23 Sep 2025 07:58:36 +0000 SEC Consult Vulnerability Lab Securi ... Read more