CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code
Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud. The sneaky approach ... Read more
-
CybersecurityNews
Node.js Vulnerabilities Exposes Windows App to Path Traversal and HashDoS Attacks
The Node.js project has released critical security updates across multiple release lines to address two high-severity vulnerabilities affecting Windows applications and V8 engine implementations. Secu ... Read more
-
The Hacker News
Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
Jul 16, 2025Ravie LakshmananAI Security / Vulnerability Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQ ... Read more
-
CybersecurityNews
VMware ESXi and Workstation Vulnerabilities Let Attackers Execute Malicious Code on Host
Multiple severe vulnerabilities have been addressed affecting VMware ESXi, Workstation, Fusion, and Tools that could allow attackers to execute malicious code on host systems. The vulnerabilities, ide ... Read more
-
CybersecurityNews
Google Chrome 0-day Vulnerability Actively Exploited in the Wild
Google has released an emergency security update for Chrome, addressing a critical zero-day vulnerability that attackers are actively exploiting in real-world attacks. The tech giant confirmed that CV ... Read more
-
Daily CyberSecurity
AI Spam Threatens cURL’s Bug Bounty Program: Developer Considers Shutting It Down
Daniel, the developer behind the widely used open-source utility cURL, recently revealed in a blog post that he is contemplating the discontinuation of the project’s vulnerability bounty program. This ... Read more
-
Daily CyberSecurity
High-Severity Node.js Flaws Expose Windows Apps to Path Traversal (CVE-2025-27210) & HashDoS (CVE-2025-27209) Attacks
The OpenJS Foundation has released important updates to Node.js 24.x, 22.x, and 20.x release lines, addressing two high-severity vulnerabilities—CVE-2025-27210 and CVE-2025-27209—that pose risks to Wi ... Read more
-
CrowdStrike.com
July 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 14 Critical Vulnerabilities Among 137 CVEs
Microsoft has addressed 137 vulnerabilities in its July 2025 security update release, more than double the number of vulnerabilities in June. This month's patches include fixes for one publicly disclo ... Read more
-
Daily CyberSecurity
Apache CXF Vulnerability: DoS and Data Leak Risks Exposed (CVE-2025-48795)
The Apache Software Foundation has disclosed a vulnerability—CVE-2025-48795—affecting multiple versions of Apache CXF, an open-source web services framework relied upon by developers for building SOAP ... Read more
-
Daily CyberSecurity
Broadcom Addresses Critical Vulnerabilities in VMware ESXi, Workstation, and Fusion
Broadcom has issued an urgent advisory addressing four critical vulnerabilities affecting VMware ESXi, Workstation, Fusion, and Tools, with CVSS scores reaching as high as 9.3. These flaws, reported t ... Read more