CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
KL-001-2025-013: Xorux XorMon-NG Web Application Privilege Escalation to Administrator
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 28 Jul 2025 18:39:36 -0500 KL-001-2025-013: Xorux XorMon-NG Web Applica ... Read more
-
seclists.org
KL-001-2025-012: Xorux XorMon-NG Read Only User Export Device Configuration Exposing Sensitive Information
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 28 Jul 2025 18:38:51 -0500 KL-001-2025-012: Xorux XorMon-NG Read Only U ... Read more
-
The Register
Microsoft spotlights Apple bug patched in March as SharePoint exploits continue
Amidst its own failure to fix a couple of bugs now under mass exploitation and being abused for espionage, data theft, and ransomware infections, Microsoft said Monday that it spotted a macOS vulnerab ... Read more
-
CrowdStrike.com
CrowdStrike Detects and Blocks Initial SharePoint Zero-Day Exploitation
Beginning on July 18, 2025, at approximately 0700 UTC, CrowdStrike Falcon® Complete Next-Gen MDR and CrowdStrike Falcon® Adversary OverWatch™ identified a wave of Microsoft SharePoint exploitation att ... Read more
-
CrowdStrike.com
Preventing Container Escape Attempts with Falcon Cloud Security's Enhanced Runtime Capabilities
Container escape represents one of the most significant security threats in modern cloud computing environments. This allows attackers to break free from container isolation mechanisms, potentially le ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
BleepingComputer
Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data
Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
macOS Sploitlight Flaw Exposes Apple Intelligence-Cached Data to Attackers
A newly disclosed macOS vulnerability is allowing attackers to bypass Apple’s privacy controls and access sensitive user data, including files cached by Apple Intelligence. Tracked as CVE-2025-31199, ... Read more
-
BleepingComputer
Exploit available for critical Cisco ISE bug exploited in attacks
Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services E ... Read more
-
BleepingComputer
CISA flags PaperCut RCE bug as exploited in attacks, patch now
CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery ... Read more