CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical macOS ‘Sploitlight’ Vulnerability Let Attackers Steal Private Data of Files Bypassing TCC
A critical macOS vulnerability enables attackers to bypass Transparency, Consent, and Control (TCC) protections and steal sensitive user data, including files from protected directories and Apple Inte ... Read more
-
CybersecurityNews
CISA Warns of Cisco Identity Services Engine Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding two critical injection vulnerabilities in Cisco’s Identity Services Engine (ISE) that threat actors are actively exploiting. The vulnerabilities, tracked as ... Read more
-
The Hacker News
CISA Adds PaperCut NG/MF CSRF Vulnerability to KEV Catalog Amid Active Exploitation
Jul 29, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security vulnerability impacting PaperC ... Read more
-
Daily CyberSecurity
Microsoft Edge Unleashes “Copilot Mode”: AI Assistant Gains Full Browse Context Access
Following its concerted efforts to integrate Copilot AI into Windows and Office productivity tools, Microsoft has taken a further step by embedding its Copilot AI technology into the Microsoft Edge br ... Read more
-
Daily CyberSecurity
Microsoft Uncovers “Sploitlight”: macOS Flaw (CVE-2025-31199) Bypasses TCC, Leaking Apple Intelligence Data
Microsoft Threat Intelligence has unveiled a critical macOS vulnerability that exploits Spotlight plugins to bypass the system’s Transparency, Consent, and Control (TCC) protections. Dubbed “Sploitlig ... Read more
-
Daily CyberSecurity
Python Tarfile Vulnerability (CVE-2025-8194) Allows DoS via Malicious Archives
A newly discovered vulnerability in Python’s tarfile module, identified as CVE-2025-8194, threatens to hang applications that process malicious archive files—triggering infinite loops and potential de ... Read more
-
Daily CyberSecurity
Linux Kernel 6.16 Released: Boosting Hardware Support, Filesystems, & Networking
Version 6.16 of the Linux Kernel has now been officially released. As this is not a Long-Term Support (LTS) release, its lifecycle is relatively short, making it more suitable for rolling installation ... Read more
-
TheCyberThrone
CISA adds CISCO ISE and PaperCut MF flaws to KEV Catalog
Skip to content July 29, 2025The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three significant vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on July 2 ... Read more
-
Daily CyberSecurity
GitHub Hit by Widespread Outage: Core Services Disrupted Globally
Microsoft-owned code hosting platform GitHub began experiencing a widespread service outage on July 28, 2025, at 16:50 UTC. The disruption has affected multiple core functionalities, including but not ... Read more
-
Daily CyberSecurity
Critical Node-SAML Flaw (CVE-2025-54419, CVSS 10.0) Allows Authentication Bypass in SAML 2.0 Web Apps
A newly disclosed critical vulnerability in Node-SAML, a widely used SAML 2.0 authentication provider for Node.js, could allow attackers to manipulate signed login responses—potentially enabling authe ... Read more