CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Lazarus Group’s Covert Supply Chain Attack: North Korean APT Poisons Open Source to Steal Developer Secrets
Image: Sonatype In a recently expose, Sonatype reveals a covert cyberespionage campaign orchestrated by the North Korea-linked Lazarus Group, targeting developers through poisoned open source packages ... Read more
-
Daily CyberSecurity
Critical OAuth2-Proxy Flaw (CVE-2025-54576, CVSS 9.1) Allows Authentication Bypass via Query Parameters
A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass authentication protections by manipulating query parameters. Trac ... Read more
-
MacRumors
iOS 18.6 and macOS Sequoia 15.6 Address Chrome Zero-Day Attack
Wednesday July 30, 2025 5:09 pm PDT by Juli CloverThe iOS 18.6, iPadOS 18.6, and macOS Sequoia 15.6 updates that Apple released yesterday address a major zero-day attack that targeted Chrome users, ac ... Read more
-
Daily CyberSecurity
onsemi & NVIDIA Partner to Revolutionize AI Data Centers with 800VDC Power for Extreme Efficiency
onsemi has announced a strategic collaboration with NVIDIA to accelerate the transformation of AI data centers toward an 800-volt direct current (800VDC) power architecture. This shift aims to signifi ... Read more
-
AttackIQ
Response to CISA Alert: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities
On July 8, 2025, vulnerabilities CVE-2025-49704 (Remote Code Execution) and CVE-2025-49706 (Network Spoofing), affecting on-premises Microsoft SharePoint servers, were officially reported. On the same ... Read more
-
BleepingComputer
Hackers actively exploit critical RCE in WordPress Alone theme
Threat actors are actively exploiting a critical unauthenticated arbitrary file upload vulnerability in the WordPress theme 'Alone,' to achieve remote code execution and perform a full site takeover. ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
SonicWall Urges Patch After 3 Major VPN Vulnerabilities Disclosed
Cybersecurity firm watchTowr has uncovered multiple serious vulnerabilities within SonicWall’s SMA100 series SSL-VPN appliances, highlighting ongoing security challenges in widely used network infrast ... Read more
-
CrowdStrike.com
CrowdStrike Detects and Blocks Initial SharePoint Zero-Day Exploitation
Beginning on July 18, 2025, at approximately 0700 UTC, CrowdStrike Falcon® Complete Next-Gen MDR and CrowdStrike Falcon® Adversary OverWatch™ identified a wave of Microsoft SharePoint exploitation att ... Read more
-
CrowdStrike.com
Preventing Container Escape Attempts with Falcon Cloud Security's Enhanced Runtime Capabilities
Container escape represents one of the most significant security threats in modern cloud computing environments. This allows attackers to break free from container isolation mechanisms, potentially le ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more