CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
CISA says hackers breached federal agency using GeoServer exploit
CISA has revealed that attackers breached the network of an unnamed U.S. federal civilian executive branch (FCEB) agency last year after compromising an unpatched GeoServer instance. The security bug ...
-
CybersecurityNews
SonicWall Releases Urgent Update to Remove Rootkit Malware ‘OVERSTEP’ from SMA Devices
SonicWall has issued an urgent firmware update, version 10.2.2.2-92sv, for its Secure Mobile Access (SMA) 100 series appliances to detect and remove known rootkit malware. The advisory, SNWLID-2025-00 ...
-
BleepingComputer
SolarWinds releases third patch to fix Web Help Desk RCE bug
SolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication. Tracked as CVE-2025-26399, the security issue ...
-
BleepingComputer
SonicWall releases SMA100 firmware update to wipe rootkit malware
SonicWall has released a firmware update that can help customers remove rootkit malware deployed in attacks targeting SMA 100 series devices. "SonicWall SMA 100 10.2.2.2-92sv build has been released w ...
-
Help Net Security
SonicWall adds rootkit removal capabilities to the SMA 100 series
SonicWall has released new firmware for its Secure Mobile Access (SMA) 100 series appliances, adding file-checking capabilities that help users remove known rootkit malware. The malware in question is ...
-
The Hacker News
SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
Sep 23, 2025Ravie LakshmananVulnerability / Data Security SolarWinds has released hot fixes to address a critical security flaw impacting its Web Help Desk software that, if successfully exploited, ...
-
CybersecurityNews
SolarWinds Web Help Desk Vulnerability Enables Unauthenticated RCE
SolarWinds has released an urgent security advisory for a critical vulnerability in its Web Help Desk software that could allow an unauthenticated attacker to achieve remote code execution (RCE). The ...
-
CybersecurityNews
Hackers Exploits IMDS Service to Gain Initial Access to a Cloud Environment
Threat actors were manipulating the Instance Metadata Service (IMDS), a core component designed to securely furnish compute instances with temporary credentials to infiltrate and navigate cloud infras ...
-
Daily CyberSecurity
No Going Back: Apple Disables iOS 26 Downgrades
Apple is currently pushing a broad wave of automatic upgrades to iOS 26, and while some users may find little appeal in its new liquid glass visual effect, those already upgraded have no way to undo t ...
-
Daily CyberSecurity
CVE-2025-26399 (CVSS 9.8): SolarWinds Web Help Desk Hit by Critical RCE Vulnerability
SolarWinds has released a hotfix for its Web Help Desk (WHD) software after the discovery of a critical remote code execution (RCE) vulnerability tracked as CVE-2025-26399. The flaw, rated CVSS 9.8, s ...