CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
GeoServer CVE-2025-58360 added to CISA KEV
Why this vulnerability mattersCVE-2025-58360 is a recently disclosed XML External Entity (XXE) vulnerability in OSGeo GeoServer that has now been added to the CISA Known Exploited Vulnerabilities (KEV ...
-
Daily CyberSecurity
Core Banking System Flaw: Apache Fineract IDOR Risks Authorization Bypass & Customer Data Access
A trio of security vulnerabilities has been disclosed in Apache Fineract, the open-source core banking system that powers digital financial services for the unbanked and underbanked worldwide. The fla ...
-
Daily CyberSecurity
New 01flip Ransomware Hits APAC Critical Infra: Cross-Platform Rust Weapon Uses Sliver C2
A ransom note | Image: Unit 42 A new and sophisticated ransomware player has entered the cybercrime arena, targeting critical infrastructure in the Asia-Pacific region with a custom-built, cross-platf ...
-
Daily CyberSecurity
CISA KEV Alert: GeoServer XXE Flaw Under Active Attack Risks Data Theft & Internal Network Scanning
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting the widely used OSGeo GeoServer software to its Known Exploited Vulnerabilities (KEV) Catalog. ...
-
CybersecurityNews
New Vulnerabilities in React Server Components Allow DoS Attacks and Source Code Leaks
Less than a week after addressing a critical Remote Code Execution (RCE) vulnerability, the React team has disclosed three additional security flaws affecting React Server Components (RSC). Security r ...
-
Daily CyberSecurity
CVE-2025-64188 (CVSS 9.8): Critical “Soledad” Theme Flaw Lets Subscribers Take Over WordPress Sites
A critical security vulnerability has been discovered in Soledad, one of the most popular general-purpose WordPress themes on the market with over 57,000 active sales. The flaw, which carries a near-m ...
-
BleepingComputer
Hackers exploit Gladinet CentreStack cryptographic flaw in RCE attacks
Hackers are exploiting a new, undocumented vulnerability in the implementation of the cryptographic algorithm present in Gladinet's CentreStack and Triofox products for secure remote file access and s ...
-
AttackIQ
Ransom Tales: Volume VI — Throwback Edition! Emulating Ryuk, Conti, and BlackCat Ransomware
On July 22, 2025, AttackIQ introduced Ransom Tales, an initiative focused on routinely emulating the Tactics, Techniques, and Procedures (TTPs) associated with the prolific ransomware families current ...
-
The Register
Google fixes super-secret 8th Chrome 0-day
Google issued an emergency fix for a Chrome vulnerability already under exploitation, which marks the world's most popular browser's eighth zero-day bug of 2025. We have even fewer than usual details ...
-
The Register
LastPass hammered with £1.2M fine for 2022 breach fiasco
The UK's Information Commissioner's Office (ICO) says LastPass must cough up £1.2 million ($1.6 million) after its two-part 2022 data breach compromised information from up to 1.6 million UK users. In ...