CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
New CrushFTP zero-day exploited in attacks to hijack servers
CrushFTP is warning that threat actors are actively exploiting a zero-day vulnerability tracked as CVE-2025-54309, which allows attackers to gain administrative access via the web interface on vulnera ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
The Hacker News
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
Jul 18, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have disclosed details of a new malware called MDifyLoader that has been observed in conjunction with cyber attacks expl ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
BleepingComputer
Hackers scanning for TeleMessage Signal clone flaw exposing passwords
Researchers are seeing exploitation attempts for the CVE-2025-48927 vulnerability in the TeleMessage SGNL app, which allows retrieving usernames, passwords, and other sensitive data. TeleMessage SGNL ... Read more
-
CybersecurityNews
Fancy Bear Hackers Attacking Governments, Military Entities With New Sophisticated Tools
The notorious Russian cyberespionage group Fancy Bear, also known as APT28, has intensified its operations against governments and military entities worldwide using an arsenal of sophisticated new too ... Read more
-
security.nl
Signal-kloon TeleMessage SGNL gebruikte kwetsbare Spring Boot Actuator
Bepaalde versies van TeleMessage SGNL, een versleutelde berichtenapp die specifiek is ontworpen voor overheidsorganisaties en grote bedrijven, zijn kwetsbaar voor cyberaanvallen. Een oude versie van S ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
CybersecurityNews
Threat Actors Exploiting Ivanti Connect Secure Vulnerabilities to Deploy Cobalt Strike Beacon
A sophisticated malware campaign targeting Ivanti Connect Secure VPN devices has been actively exploiting critical vulnerabilities CVE-2025-0282 and CVE-2025-22457 since December 2024. The ongoing att ... Read more
-
CybersecurityNews
Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution
Three critical vulnerabilities in the Sophos Intercept X for Windows product family could allow local attackers to achieve arbitrary code execution with system-level privileges. Identified as CVE-2024 ... Read more