CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CISA Alert: Actively Exploited Zero-Days in CrushFTP, Chrome, and SysAid Added to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with four new entries that are currently under active exploitation. These ... Read more
-
Daily CyberSecurity
iOS 26 Beta Hints at HomePod with Display: Apple Preps Visual Smart Speaker for Launch
With the release of the fourth developer beta of iOS 26, developers have unearthed a curious phrase within the settings menu, subtly hinting that Apple may be preparing to unveil the long-rumored Home ... Read more
-
Daily CyberSecurity
Critical Flaw (CVE-2025-7783, CVSS 9.4) in Form-Data Library Exposes Millions of Apps to Multipart Injection & RCE
A critical vulnerability has been uncovered in the widely used JavaScript library Form-Data, impacting millions of applications that rely on it to submit form data and file uploads. Tracked as CVE-202 ... Read more
-
Daily CyberSecurity
Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706)
Last week, the Microsoft Security Response Center (MSRC) issued an urgent advisory regarding active exploitation of critical vulnerabilities in on-premises SharePoint Server installations. The alert, ... Read more
-
CybersecurityNews
Chrome High-Severity Vulnerabilities Allow Attackers to Execute Arbitrary Code
Google has released an urgent security update for its Chrome browser, addressing three critical vulnerabilities that could enable attackers to execute arbitrary code on users’ systems. The Stable chan ... Read more
-
Daily CyberSecurity
Google Patches Two High-Severity V8 Vulnerabilities (CVE-2025-8010, CVE-2025-8011) in Chrome
Google has released a new Stable Channel Update for Chrome Desktop, bringing the browser to version 138.0.7204.168/.169 for Windows and macOS, and 138.0.7204.168 for Linux. The update is rolling out g ... Read more
-
Daily CyberSecurity
Critical Manager.io Flaw (CVE-2025-54122, CVSS 10.0) Allows Unauthenticated SSRF & Cloud Takeover
A newly disclosed critical vulnerability in Manager.io, a free accounting software used by businesses across Australia and New Zealand, poses a severe threat to network security and cloud environments ... Read more
-
Daily CyberSecurity
Mimo Strikes Magento: New Campaign Shifts to Cryptojacking, Proxyjacking, & Stealthy Persistence
The once Craft CMS-focused threat actor known as Mimo—or Mimo’lette—has resurfaced with new vigor, broadening its scope and evolving into a persistent adversary. In its latest campaign, detailed by th ... Read more
-
SentinelOne
More From Our Main Blog: Defending Against ToolShell: SharePoint’s Latest Critical Vulnerability
A new, critical zero-day vulnerability dubbed “ToolShell” (CVE-2025-53770) poses a significant threat to on-premises SharePoint Server deployments. This vulnerability enables unauthenticated remote co ... Read more
-
SentinelOne
More From Our Main Blog: Defending Against ToolShell: SharePoint’s Latest Critical Vulnerability
A new, critical zero-day vulnerability dubbed “ToolShell” (CVE-2025-53770) poses a significant threat to on-premises SharePoint Server deployments. This vulnerability enables unauthenticated remote co ... Read more