CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
CISA orders agencies to patch Cisco flaws exploited in zero-day attacks
CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. Emergency Directive 25-0 ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
BleepingComputer
Cisco warns of ASA firewall zero-days exploited in attacks
Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company's firewall software. The first one (CVE-2025-20333) allows authen ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
The Cyber Express
SolarWinds Issues Third Patch to Address Persistent Web Help Desk RCE Vulnerability
SolarWinds has released a new hotfix aimed at resolving a critical remote code execution (RCE) vulnerability affecting its Web Help Desk (WHD) software. The flaw, now identified as CVE-2025-26399, mar ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
TheCyberThrone
Cisco IOS and IOS XE SNMP Zero-Day CVE-2025-20352
September 25, 2025Cisco recently disclosed a highly critical zero-day vulnerability, CVE-2025-20352, impacting its widely deployed IOS and IOS XE software platforms. This flaw, which resides in the Si ... Read more
-
Ars Technica
As many as 2 million Cisco devices affected by actively exploited 0-day
As many as 2 million Cisco devices are susceptible to an actively exploited zeroday that can remotely crash or execute code on vulnerable systems. Cisco said Wednesday that the vulnerability, tracked ... Read more
-
CybersecurityNews
ZendTo Vulnerability Let Attackers Bypass Security Controls and Access Sensitive Data
A critical path traversal flaw in ZendTo has been assigned CVE-2025-34508 researchers discovered that versions 6.15–7 and prior enable authenticated users to manipulate file paths and retrieve sensiti ... Read more
-
Daily CyberSecurity
Two WordPress Core Vulnerabilities Disclosed Without Patch: Sensitive Data Exposure and Stored XSS
Two vulnerabilities were found in WordPress Core, affecting all versions up to and including 6.8.2. Both flaws were accidentally made public by a third-party before patches were available, though the ... Read more