CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Flaw (CVE-2025-7783, CVSS 9.4) in Form-Data Library Exposes Millions of Apps to Multipart Injection & RCE
A critical vulnerability has been uncovered in the widely used JavaScript library Form-Data, impacting millions of applications that rely on it to submit form data and file uploads. Tracked as CVE-202 ... Read more
-
Daily CyberSecurity
Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706)
Last week, the Microsoft Security Response Center (MSRC) issued an urgent advisory regarding active exploitation of critical vulnerabilities in on-premises SharePoint Server installations. The alert, ... Read more
-
CybersecurityNews
Chrome High-Severity Vulnerabilities Allow Attackers to Execute Arbitrary Code
Google has released an urgent security update for its Chrome browser, addressing three critical vulnerabilities that could enable attackers to execute arbitrary code on users’ systems. The Stable chan ... Read more
-
Daily CyberSecurity
Google Patches Two High-Severity V8 Vulnerabilities (CVE-2025-8010, CVE-2025-8011) in Chrome
Google has released a new Stable Channel Update for Chrome Desktop, bringing the browser to version 138.0.7204.168/.169 for Windows and macOS, and 138.0.7204.168 for Linux. The update is rolling out g ... Read more
-
Daily CyberSecurity
Critical Manager.io Flaw (CVE-2025-54122, CVSS 10.0) Allows Unauthenticated SSRF & Cloud Takeover
A newly disclosed critical vulnerability in Manager.io, a free accounting software used by businesses across Australia and New Zealand, poses a severe threat to network security and cloud environments ... Read more
-
Daily CyberSecurity
Mimo Strikes Magento: New Campaign Shifts to Cryptojacking, Proxyjacking, & Stealthy Persistence
The once Craft CMS-focused threat actor known as Mimo—or Mimo’lette—has resurfaced with new vigor, broadening its scope and evolving into a persistent adversary. In its latest campaign, detailed by th ... Read more
-
SentinelOne
More From Our Main Blog: Defending Against ToolShell: SharePoint’s Latest Critical Vulnerability
A new, critical zero-day vulnerability dubbed “ToolShell” (CVE-2025-53770) poses a significant threat to on-premises SharePoint Server deployments. This vulnerability enables unauthenticated remote co ... Read more
-
SentinelOne
More From Our Main Blog: Defending Against ToolShell: SharePoint’s Latest Critical Vulnerability
A new, critical zero-day vulnerability dubbed “ToolShell” (CVE-2025-53770) poses a significant threat to on-premises SharePoint Server deployments. This vulnerability enables unauthenticated remote co ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
CrowdStrike.com
CrowdStrike Detects and Blocks Widespread SharePoint Zero-Day Exploitation
Beginning on July 18, 2025, at approximately 0700 UTC, CrowdStrike Falcon® Complete Next-Gen MDR and CrowdStrike Falcon® Adversary OverWatch™ identified a wave of Microsoft SharePoint exploitation att ... Read more