CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
SolarWinds fixes critical Web Help Desk RCE vulnerability (CVE-2025-26399)
SolarWinds has fixed yet another unauthenticated remote code execution vulnerability (CVE-2025-26399) in Web Help Desk (WHD), its popular web-based IT ticketing and asset management solution. While th ...
-
Help Net Security
Libraesva ESG zero-day vulnerability exploited by attackers (CVE-2025-59689)
Suspected state-sponsored attackers have exploited a zero-day vulnerability (CVE-2025-59689) in the Libraesva Email Security Gateway (ESG), the Italian email security company has confirmed. About CVE- ...
-
The Cyber Express
CISA Says Failure to Patch, Untested IRP, Silent EDR Alerts, Led to a Federal Agency Breach
CISA this week offered a rare window into a real-world breach at a U.S. federal civilian agency. Delays in patching, unexercised incident response plans, and inadequate monitoring of EDR alerts were t ...
-
Ars Technica
Supermicro server motherboards can be infected with unremovable malware
Servers running on motherboards sold by Supermicro contain high-severity vulnerabilities that can allow hackers to remotely install malicious firmware that runs even before the operating system, makin ...
-
CybersecurityNews
OnePlus OxygenOS Vulnerability Allows Any App to Read SMS Data Without Permission
A severe security vulnerability in OnePlus OxygenOS has been discovered that allows any installed application to read SMS and MMS messages without requesting permission or notifying users. The flaw, d ...
-
CybersecurityNews
Salesforce CLI Installer Vulnerability Let Attackers Execute Code and Gain SYSTEM-Level Access
A critical vulnerability in the Salesforce CLI installer (sf-x64.exe) enables attackers to achieve arbitrary code execution, privilege escalation, and SYSTEM-level access on Windows systems. Tracked a ...
-
CybersecurityNews
Hackers Exploiting Libraesva Email Security Gateway Vulnerability to Inject Malicious Commands
Libraesva has issued an emergency patch for a significant command injection vulnerability in its Email Security Gateway (ESG) after confirming state-sponsored hackers exploited it. The flaw, identifie ...
-
Daily CyberSecurity
Intel Shifts Gears: What a New Driver Policy Means for Gamers
Not every user’s PC comes equipped with a dedicated graphics card, which is why many still rely on Intel’s integrated GPUs for gaming or handling image and video workloads. Under normal circumstances, ...
-
CybersecurityNews
CISA Warns of Google Chrome 0-Day Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a high-severity zero-day vulnerability in Google Chrome that is being actively exploited in attacks. The vul ...
-
security.nl
Amerikaanse overheidsinstantie gehackt na niet installeren GeoServer-update
Een federale Amerikaanse overheidsinstantie is vorig jaar gehackt omdat het had nagelaten een beveiligingsupdate voor een kritieke kwetsbaarheid in GeoServer te installeren. De patch was drie weken ee ...