CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
SharePoint Server Under Active Zero-Day Attack (CVE-2025-53770, CVSS 9.8), No Patch Yet!
Microsoft has issued an urgent security advisory for on-premises SharePoint Server customers in response to active exploitation of a critical remote code execution (RCE) vulnerability. The issue—now t ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
TheCyberThrone
VMware Fixes Vulnerabilities Exploited at Pwn2Own Berlin
Following successful live exploit demonstrations at the Pwn2Own Berlin 2025 security competition held in May, VMware has patched four zero-day vulnerabilities affecting several of its virtualization p ... Read more
-
CybersecurityNews
New CrushFTP 0-Day Vulnerability Exploited in the Wild to Gain Access to Servers
A critical zero-day flaw in the CrushFTP managed file-transfer platform was confirmed after vendor and threat-intelligence sources confirmed active exploitation beginning on 18 July 2025 at 09:00 CST. ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
CybersecurityNews
CISA Warns of Fortinet FortiWeb SQL Injection Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Fortinet FortiWeb vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitati ... Read more
-
Daily CyberSecurity
Major npm Supply Chain Attack: Phishing Campaign Steals Maintainer Credentials, Injects Malware into Popular Packages
Image: Socket A deceptive and highly targeted phishing campaign has successfully compromised several popular npm packages, including eslint-config-prettier, eslint-plugin-prettier, and synckit, after ... Read more
-
Daily CyberSecurity
FortiWeb SQL Injection (CVE-2025-25257) Added to CISA KEV After Active Exploitation, PoC Available!
A critical SQL injection vulnerability in Fortinet FortiWeb, tracked as CVE-2025-25257, has been added to the CISA Known Exploited Vulnerabilities (KEV) Catalog following confirmation of active exploi ... Read more