CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Evernote Relaunches as AI-First Note App with Semantic Search and OpenAI Assistant
Once the defining name in note-taking applications, Evernote had seen its presence wane in recent years. Yet under the stewardship of Italian developer Bending Spoons, the platform has undergone its m ...
-
Daily CyberSecurity
Critical AWS VPN Client Flaw CVE-2025-11462 (CVSS 9.3) Allows Root Privilege Escalation on macOS
Amazon Web Services (AWS) has released an important security bulletin warning users of a critical local privilege escalation vulnerability in the AWS Client VPN application for macOS. The flaw, tracke ...
-
Daily CyberSecurity
Critical Nagios Flaw CVE-2025-44823 (CVSS 9.9) Leaks Plaintext Admin API Keys, PoC Available
Image: Nagios Security researchers have identified two critical vulnerabilities in Nagios Log Server, the enterprise log management solution widely used for centralized logging, real-time monitoring, ...
-
Daily CyberSecurity
Zimbra XSS Zero-Day (CVE-2025-27915) Actively Exploited; CISA Adds to KEV Catalog
A cross-site scripting (XSS) vulnerability in Synacor Zimbra Collaboration Suite (ZCS) — tracked as CVE-2025-27915 — has been confirmed to be actively exploited in the wild, prompting CISA to add the ...
-
Daily CyberSecurity
OpenSSH Flaw (CVE-2025-61984) Allows Remote Code Execution via Usernames
Security researcher David Leadbeater has disclosed a vulnerability in OpenSSH, identified as CVE-2025-61984, which highlights how even minor quirks in command-line parsing and shell behavior can open ...
-
Daily CyberSecurity
Chrome 141 Stable Fixes Two High-Severity Flaws: Heap Overflow in Sync and UAF in Storage
Google has released a new Stable Channel update for Chrome 141.0.7390.65/.66 on Windows and macOS and 141.0.7390.65 for Linux, addressing three significant security vulnerabilities that could allow at ...
-
Daily CyberSecurity
Actively Exploited: Critical Flaw CVE-2025-5947 (CVSS 9.8) Allows Unauthenticated Admin Takeover in WordPress Plugin
Security researchers at Wordfence have issued an urgent warning about an actively exploited authentication bypass vulnerability in the Service Finder Bookings plugin — a component bundled with the pop ...
-
TheCyberThrone
CISA Adds Zimbra XSS Flaw to KEV After Active Exploitation
October 8, 2025On October 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2025-27915—an actively exploited vulnerability in Zimbra Collaboration Suite (ZCS)—to its Known ...
-
krebsonsecurity.com
ShinyHunters Wage Broad Corporate Extortion Spree
A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen fr ...
-
seclists.org
Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Full Disclosure mailing list archives Re: [FD] Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft From: josephgoyd via Ful ...