CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Chrome Type Confusion 0-Day Vulnerability Code Analysis Released
Google Chrome’s V8 JavaScript engine has been compromised by a critical type confusion zero-day vulnerability, designated CVE-2025-10585, marking the sixth actively exploited Chrome zero-day discovere ...
-
Help Net Security
Unpatched Fortra GoAnywhere instances at risk of full takeover (CVE-2025-10035)
If you’re running Fortra’s GoAnywhere managed file transfer solution and you haven’t updated to the latest available version for a while, do so now or risk getting your instance compromised via CVE-20 ...
-
cert.pl
Vulnerability in GALAYOU G2 software
Vulnerability in GALAYOU G2 software CVE ID CVE-2025-9983 Publication date 22 September 2025 Vendor GALAYOU Product G2 Vulnerable versions 11.100001.01.28 Vulnerability type (CWE) Missing Authenticati ...
-
The Cyber Express
Microsoft Entra ID Exposed: Actor Token Flaw Enables Stealthy Global Admin Takeove
A newly disclosed vulnerability tracked as CVE-2025-55241 has been reported. The flaw, discovered by an independent researcher and disclosed in September 2025, revealed that Microsoft Entra ID, former ...
-
Daily CyberSecurity
Apple’s In-House Chips Pave the Way for On-Device AI Revolution
In recent years, Apple has vigorously advanced its strategy of self-developing chips, evolving from the A-series and M-series processors to the Apple 16e, released earlier this year, which debuted the ...
-
CybersecurityNews
Hackers Bypassing Windows Mark of the Web Files Using LNK Stomping Attack
A sophisticated attack technique called LNK Stomping has emerged as a critical threat to Windows security, exploiting a fundamental flaw in how the operating system handles shortcut files to bypass se ...
-
The Hacker News
Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants
A critical token validation failure in Microsoft Entra ID (previously Azure Active Directory) could have allowed attackers to impersonate any user, including Global Administrators, across any tenant. ...
-
TheCyberThrone
The Actor Token Nightmare: CVE-2025-55241
September 22, 2025In July 2025, deep within the cloud fabric that powers thousands of businesses worldwide, a flaw silently waited to be discovered. It lurked in the legacy backend of Microsoft’s Entr ...
-
Daily CyberSecurity
PoC Released for CVE-2025-41243 – A Spring Cloud Gateway Flaw with CVSS 10.0
Privacy & Transparencysecurityonline.info and our partners ask for your consent to use your personal data, and to store and/or access information on your device. This includes using your personal data ...
-
Daily CyberSecurity
CountLoader: A New Malware Loader Linked to Russian Ransomware Groups
Researchers at Silent Push have identified a newly emerging malware loader dubbed CountLoader, which they assess to be linked with multiple ransomware groups—primarily Russian-speaking cybercriminals. ...