CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical CrushFTP 0-Day RCE Vulnerability Technical Details and PoC Released
A significant zero-day vulnerability in CrushFTP has been disclosed, allowing unauthenticated attackers to achieve complete remote code execution on vulnerable servers. The flaw, tracked as CVE-2025-5 ... Read more
-
Daily CyberSecurity
Critical Rtpengine Flaws (CVE-2025-53399) Allow Audio Interception and Injection in VoIP Calls, PoC Publishes
Privacy & Transparencysecurityonline.info and our partners ask for your consent to use your personal data, and to store and/or access information on your device. This includes using your personal data ... Read more
-
CybersecurityNews
OAuth2-Proxy Vulnerability Enables Authentication Bypass by Manipulating Query Parameters
A critical security vulnerability has been identified in OAuth2-Proxy, a widely-used reverse proxy that provides authentication services for Google, Azure, OpenID Connect, and numerous other identity ... Read more
-
nextron-systems.com
AURORA – Leveraging ETW for Advanced Threat Detection
Aurora is a lightweight endpoint agent that applies Sigma rules and IOCs directly to Windows system events reconstructed from Event Tracing for Windows (ETW). Unlike traditional logging tools or Sysmo ... Read more
-
The Hacker News
Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install
Jul 31, 2025Ravie LakshmananVulnerability / Website Security Threat actors are actively exploiting a critical security flaw in "Alone – Charity Multipurpose Non-profit WordPress Theme" to take over ... Read more
-
The Cyber Express
iOS 18.6 to macOS 15.6: Apple Releases Comprehensive Security Updates
Apple has rolled out a wide-ranging series of Apple security updates and Rapid Security Responses, spanning iOS, iPadOS, macOS, tvOS, watchOS, and visionOS. These carefully coordinated Apple security ... Read more
-
Help Net Security
Secrets are leaking everywhere, and bots are to blame
Secrets like API keys, tokens, and credentials are scattered across messaging apps, spreadsheets, CI/CD logs, and even support tickets. According to Entro Security’s NHI & Secrets Risk Report H1 2025, ... Read more
-
Daily CyberSecurity
Microsoft PlayReady DRM Certificates Leaked: SL3000 Pulled from GitHub, Amazon Suspends Pirate Accounts
Digital Rights Management (DRM) mechanisms are crucial for safeguarding streaming content—platforms like Netflix rely on DRM to protect their media, and Microsoft employs its proprietary Microsoft Pla ... Read more
-
Daily CyberSecurity
Lazarus Group’s Covert Supply Chain Attack: North Korean APT Poisons Open Source to Steal Developer Secrets
Image: Sonatype In a recently expose, Sonatype reveals a covert cyberespionage campaign orchestrated by the North Korea-linked Lazarus Group, targeting developers through poisoned open source packages ... Read more
-
Daily CyberSecurity
Critical OAuth2-Proxy Flaw (CVE-2025-54576, CVSS 9.1) Allows Authentication Bypass via Query Parameters
A critical vulnerability in the popular OAuth2-Proxy open-source authentication tool has been discovered, allowing attackers to bypass authentication protections by manipulating query parameters. Trac ... Read more