CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Amerikaanse overheidsinstantie gehackt na niet installeren GeoServer-update
Een federale Amerikaanse overheidsinstantie is vorig jaar gehackt omdat het had nagelaten een beveiligingsupdate voor een kritieke kwetsbaarheid in GeoServer te installeren. De patch was drie weken ee ... Read more
-
security.nl
Libraesva dicht actief aangevallen kwetsbaarheid in Email Security Gateway
Aanbieder van e-mailoplossingen Libraesva heeft een beveiligingsupdate uitgebracht voor een actief aangevallen kwetsbaarheid in de Email Security Gateway (ESG) die het biedt. Volgens het bedrijf is he ... Read more
-
The Hacker News
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AW ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
The Hacker News
State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability
Sep 24, 2025Ravie LakshmananVulnerability / Email Security Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been expl ... Read more
-
CybersecurityNews
CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability
CISA has released a comprehensive cybersecurity advisory detailing how threat actors successfully compromised a U.S. federal civilian executive branch agency’s network by exploiting CVE-2024-36401, a ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
Daily CyberSecurity
CISA adds Chrome zero-day CVE-2025-10585 to KEV after public exploit appears
CISA this week added CVE-2025-10585, a high-severity type-confusion flaw in Google’s V8 JavaScript engine, to its Known Exploited Vulnerabilities catalog after evidence of active exploitation was obse ... Read more
-
Daily CyberSecurity
OpenSSF Warns: Open Source Software Is Not a Free Service
The Open Source Security Foundation (OpenSSF), together with several prominent open-source and software foundations, has issued a joint statement declaring that it can no longer serve as the unpaid ga ... Read more
-
Daily CyberSecurity
CVE-2025-9844: Salesforce CLI Installer Vulnerability Could Lead to SYSTEM-Level Compromise
Salesforce has published a security advisory detailing a high-severity flaw in its Salesforce-CLI installer (sf-x64.exe). The vulnerability, tracked as CVE-2025-9844 with a CVSS score of 8.8, could al ... Read more