CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Beveiligingslekken in Windows SMB-client en Kentico Xperience actief misbruikt
Kwetsbaarheden in de SMB-client van Windows en Kentico Xperience worden actief misbruikt bij aanvallen, zo waarschuwt het Amerikaanse cyberagentschap CISA. Microsoft kwam op 10 juni met beveiligingsup ...
-
BleepingComputer
Microsoft warns of Windows smart card auth issues after October updates
Microsoft says the October 2025 Windows security updates are causing smart card authentication and certificate issues due to a change designed to strengthen the Windows Cryptographic Services. This kn ...
-
The Hacker News
⚡ Weekly Recap: F5 Breached, Linux Rootkits, Pixnapping Attack, EtherHiding & More
It's easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best ...
-
cert.pl
Vulnerability in NetBird VPN software
Vulnerability in NetBird VPN software CVE ID CVE-2025-10678 Publication date 20 October 2025 Vendor NetBird VPN Product NetBird Vulnerable versions All before 0.57.0 Vulnerability type (CWE) Use of De ...
-
The Register
A simple AI prompt saved a developer from this job interview scam
INFOSEC IN BRIEF Engineer David Dodda says he was just "30 seconds away" from running malware on his own computer after nearly falling victim to a North Korea-type job interview scam with a "legitimat ...
-
CybersecurityNews
PoC Exploit Released for Windows Server Update Services Remote Code Execution Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical vulnerability in Microsoft’s Windows Server Update Services (WSUS), enabling unauthenticated attackers to execute remote code with SYS ...
-
Daily CyberSecurity
Critical Squid Proxy Flaw (CVE-2025-62168, CVSS 10.0) Leaks HTTP Credentials and Security Tokens via Error Handling
The developers of Squid, the widely used open-source caching proxy for web traffic acceleration, have disclosed and patched a critical information disclosure vulnerability tracked as CVE-2025-62168 (C ...
-
Daily CyberSecurity
GlassWorm Supply Chain Worm Uses Invisible Unicode and Solana Blockchain for Stealth C2
Cybersecurity researchers at Koi Security have discovered the world’s first self-propagating malware targeting VS Code extensions on the OpenVSX Marketplace. Dubbed GlassWorm, the threat marks a histo ...
-
Daily CyberSecurity
Critical Moxa Flaw (CVE-2025-6950, CVSS 9.9) Allows Unauthenticated Admin Takeover via Hard-Coded JWT Secret
Moxa, a leading manufacturer of industrial networking and security appliances, has released an urgent security advisory addressing five critical vulnerabilities affecting multiple product series, incl ...
-
Daily CyberSecurity
Critical Keras 3 RCE Flaw (CVE-2025-49655, CVSS 9.8) Allows Code Execution on Model Load
Researchers at HiddenLayer have disclosed a critical arbitrary code execution vulnerability in the Keras 3 deep learning framework (CVE-2025-49655, CVSS 9.8), which affects the Torch backend of Keras ...