CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical SUSE Manager Vulnerability Let Attackers Execute Arbitrary Commands as Root
A newly disclosed critical security vulnerability in SUSE Manager poses severe risks to enterprise infrastructure, allowing unauthenticated attackers to execute arbitrary commands with root privileges ... Read more
-
CrowdStrike.com
CrowdStrike Detects and Blocks Initial SharePoint Zero-Day Exploitation
Beginning on July 18, 2025, at approximately 0700 UTC, CrowdStrike Falcon® Complete Next-Gen MDR and CrowdStrike Falcon® Adversary OverWatch™ identified a wave of Microsoft SharePoint exploitation att ... Read more
-
CrowdStrike.com
Preventing Container Escape Attempts with Falcon Cloud Security's Enhanced Runtime Capabilities
Container escape represents one of the most significant security threats in modern cloud computing environments. This allows attackers to break free from container isolation mechanisms, potentially le ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
CybersecurityNews
APT Hackers Attacking Maritime and Shipping Industry to Launch Ransomware Attacks
The maritime industry, which facilitates approximately 90% of global trade, has emerged as a critical battleground for advanced persistent threat (APT) groups deploying sophisticated ransomware campai ... Read more
-
CybersecurityNews
Critical CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-5 ... Read more
-
Daily CyberSecurity
Critical Rtpengine Flaws (CVE-2025-53399) Allow Audio Interception and Injection in VoIP Calls, PoC Publishes
Privacy & Transparencysecurityonline.info and our partners ask for your consent to use your personal data, and to store and/or access information on your device. This includes using your personal data ... Read more
-
CybersecurityNews
OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters
A critical security vulnerability has been identified in OAuth2-Proxy, a widely-used reverse proxy that provides authentication services for Google, Azure, OpenID Connect, and numerous other identity ... Read more
-
nextron-systems.com
AURORA – Leveraging ETW for Advanced Threat Detection
Aurora is a lightweight endpoint agent that applies Sigma rules and IOCs directly to Windows system events reconstructed from Event Tracing for Windows (ETW). Unlike traditional logging tools or Sysmo ... Read more
-
The Hacker News
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Jul 31, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw in "Alone – Charity Multipurpose Non-profit WordPress Theme" to take over ... Read more