CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Ransomware crims that exploited SharePoint 0-days add Velociraptor to their arsenal
The ransomware gang caught exploiting Microsoft SharePoint zero-days over the summer has added a new tool to its arsenal: Velociraptor, an open-source digital forensics and incident response app not p ...
-
Kaspersky
Security risks of vibe coding and LLM assistants for developers
Although the benefits of AI assistants in the workplace remain debatable, where they’re being adopted most confidently of all is in software development. Here, LLMs play many roles — from refactoring ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Auth Bypass Flaw in Service Finder WordPress Plugin Under Active Exploit
Website owners using the Service Finder WordPress theme and its bundled Bookings plugin must update their software immediately, as a serious security flaw is currently being targeted by cybercriminals ...
-
The Register
Zero-day in file-sharing software leads to RCE, and attacks are ongoing
Security research firm Huntress is warning all users of Gladinet's CentreStack and Triofox file-sharing tools to urgently apply an available mitigation, as a zero-day is being actively exploited and t ...
-
CybersecurityNews
Threat Actors Exploiting SonicWall SSL VPN Devices in Wild to Deploy Akira Ransomware
Threat actors have reemerged in mid-2025 leveraging previously disclosed vulnerabilities in SonicWall SSL VPN appliances to deploy Akira ransomware on enterprise networks. Beginning in July, multiple ...
-
The Register
Pro-Russia hacktivist group dies of cringe after falling into researchers' trap
Security researchers say they duped pro-Russia cybercriminals into targeting a fake critical infrastructure organization, which the crew later claimed - via their Telegram group - to be a real-world a ...
-
CybersecurityNews
RondoDox Botnet Exploits 50+ Vulnerabilities to Attack Routers, CCTV Systems and Web Servers
Since its emergence in early 2025, RondoDox has rapidly become one of the most pervasive IoT-focused botnets in operation, targeting a wide range of network-connected devices—from consumer routers to ...
-
The Hacker News
From Detection to Patch: Fortra Reveals Full Timeline of CVE-2025-10035 Exploitation
Oct 10, 2025Ravie LakshmananVulnerability / Network Security Fortra on Thursday revealed the results of its investigation into CVE-2025-10035, a critical security flaw in GoAnywhere Managed File Tra ...
-
InfoSec Write-ups
Living Off the Cloud: Abusing Cloud Services for Red Teaming | Cyber Codex
Introduction: Blending into the Digital SkylineCyber threats today no longer rely on flashy malware or sketchy infrastructure. Modern adversaries especially Advanced Persistent Threats (APTs) are turn ...
-
Help Net Security
Attackers are exploiting Gladinet CentreStack, Triofox vulnerability with no patch (CVE-2025-11371)
CVE-2025-11371, a unauthenticated Local File Inclusion vulnerability in Gladinet CentreStack and Triofox file-sharing and remote access platforms, is being exploited by attackers in the wild. While Gl ...