CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Wordfence Warns of Active Exploits Targeting Critical Privilege Escalation Flaw in WP Freeio (CVE-2025-11533)
The Wordfence Threat Intelligence team has issued an urgent warning about CVE-2025-11533, a critical privilege escalation vulnerability (CVSS 9.8) in the WP Freeio plugin, a component of the premium F ... Read more
-
Daily CyberSecurity
Google Rolls Out Chrome 142 Patching 20 Security Flaws
The Google Chrome team has urgently promoted Chrome version 142 to the stable channel for Windows, Mac, and Linux, addressing a major security risk for all desktop users. The update, version 142.0.744 ... Read more
-
seclists.org
Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: josephgoyd via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 29 Oct 2025 11:15:18 +0000 The exploit I caught in the wild and the flow of the at ... Read more
-
seclists.org
Re: : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: Christoph Gruber <list () guru at> Date: Wed, 29 Oct 2025 06:44:04 +0100 It seems, the whole account is down -- Christoph Gruber Am 29.10.2025 um 03:37 schr ... Read more
-
seclists.org
Dovecot CVE-2025-30189: Auth cache causes access to wrong account
Full Disclosure mailing list archives Dovecot CVE-2025-30189: Auth cache causes access to wrong account From: Aki Tuomi via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 29 Oct 2025 10:22 ... Read more
-
Daily CyberSecurity
Researcher Details Critical Authentication Bypasses in WSO2 API Manager and Identity Server
Security researcher Crnkovic has disclosed three critical vulnerabilities — CVE-2025-9152, CVE-2025-10611, and CVE-2025-9804 — in WSO2 API Manager and WSO2 Identity Server, each scoring 9.8 on the CVS ... Read more
-
Daily CyberSecurity
TEE.fail: Researchers Break Intel SGX/TDX and AMD SEV-SNP with Sub-$1,000 DDR5 Memory Bus Attack
In a study titled “TEE.fail: Breaking Trusted Execution Environments via DDR5 Memory Bus Interposition,” researchers from Georgia Tech and Purdue University have demonstrated that even the latest Inte ... Read more
-
Daily CyberSecurity
Researcher Details Windows Cloud Files Mini Filter Driver Elevation of Privilege Flaw (CVE-2025-55680)
Researchers from Exodus Intelligence, led by Michele Campa, have disclosed a privilege-escalation vulnerability in Microsoft’s Cloud Files Minifilter driver (cldflt.sys) that affects all versions of W ... Read more
-
CrowdStrike.com
Falcon Defends Against Git Vulnerability CVE-2025-48384
CrowdStrike has identified active exploitation of Git vulnerability CVE-2025-48384. In the observed activity, threat actors combined sophisticated social engineering tactics with malicious Git reposit ... Read more
-
CrowdStrike.com
How Falcon Exposure Management’s ExPRT.AI Predicts What Attackers Will Exploit
Nearly 40,000 vulnerabilities were disclosed in 2024.1 Security teams are overwhelmed, especially those relying on outdated tools. ExPRT.AI, the native intelligence engine embedded in CrowdStrike Falc ... Read more