CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
nextron-systems.com
AURORA – Leveraging ETW for Advanced Threat Detection
Aurora is a lightweight endpoint agent that applies Sigma rules and IOCs directly to Windows system events reconstructed from Event Tracing for Windows (ETW). Unlike traditional logging tools or Sysmo ... Read more
-
The Hacker News
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Jul 31, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw in "Alone – Charity Multipurpose Non-profit WordPress Theme" to take over ... Read more
-
The Cyber Express
iOS 18.6 to macOS 15.6: Apple Releases Comprehensive Security Updates
Apple has rolled out a wide-ranging series of Apple security updates and Rapid Security Responses, spanning iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. These carefully coordinated Apple security ... Read more
-
Help Net Security
Secrets are leaking everywhere, and bots are to blame
Secrets like API keys, tokens, and credentials are scattered across messaging apps, spreadsheets, CI/CD logs, and even support tickets. According to Entro Security’s NHI & Secrets Risk Report H1 2025, ... Read more
-
Daily CyberSecurity
Microsoft PlayReady DRM Certificates Leaked: SL3000 Pulled from GitHub, Amazon Suspends Pirate Accounts
Digital Rights Management (DRM) mechanisms are crucial for safeguarding streaming content—platforms like Netflix rely on DRM to protect their media, and Microsoft employs its proprietary Microsoft Pla ... Read more
-
Daily CyberSecurity
Lazarus Group’s Covert Supply Chain Attack: North Korean APT Poisons Open Source to Steal Developer Secrets
Image: Sonatype In a recently expose, Sonatype reveals a covert cyberespionage campaign orchestrated by the North Korea-linked Lazarus Group, targeting developers through poisoned open source packages ... Read more
-
Daily CyberSecurity
Critical OAuth2-Proxy Flaw (CVE-2025-54576, CVSS 9.1) Allows Authentication Bypass via Query Parameters
A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass authentication protections by manipulating query parameters. Trac ... Read more
-
MacRumors
iOS 18.6 and macOS Sequoia 15.6 Address Chrome Zero-Day Attack
Wednesday July 30, 2025 5:09 pm PDT by Juli CloverThe iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6 updates that Apple released yesterday address a major zero-day attack that targeted Chrome users, ac ... Read more
-
Daily CyberSecurity
onsemi & NVIDIA Partner to Revolutionize AI Data Centers with 800VDC Power for Extreme Efficiency
onsemi has announced a strategic collaboration with NVIDIA to accelerate the transformation of AI data centers toward an 800-volt direct current (800VDC) power architecture. This shift aims to signifi ... Read more
-
AttackIQ
Response to CISA Alert: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities
On July 8, 2025, vulnerabilities CVE-2025-49704 (Remote Code Execution) and CVE-2025-49706 (Network Spoofing), affecting on-premises Microsoft SharePoint servers, were officially reported. On the same ... Read more