CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Gigabyte UEFI Firmware Vulnerability Let Attackers Execute Arbitrary Code in the SMM Environment
Critical security vulnerabilities have been discovered in Gigabyte UEFI firmware that could allow attackers to execute arbitrary code in System Management Mode (SMM), one of the most privileged execut ... Read more
-
BleepingComputer
Gigabyte motherboards vulnerable to UEFI malware bypassing Secure Boot
Dozens of Gigabyte motherboard models run on UEFI firmware vulnerable to security issues that allow planting bootkit malware that is invisible to the operating system and can survive reinstalls. The v ... Read more
-
Help Net Security
Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257)
With two proof-of-concept (PoC) exploits made public late last week, CVE-2025-25257 – a critical SQL command injection vulnerability in Fortinet’s FortiWeb web application firewall – is expected to b ... Read more
-
The Cyber Express
Cloned Phones, Stolen Identities: The eSIM Hack No One Saw Coming
Embedded SIMs (eSIMs), officially known as Kigen eUICC, are transforming connectivity by allowing users to switch operators without physically swapping cards. These chips store digital profiles and su ... Read more
-
TheCyberThrone
CVE-2025-25257 Critical FortiWeb SQL Injection Leading to RCE
Skip to content July 14, 2025🔐 Vulnerability SummaryCVE ID: CVE-2025-25257Product Affected: Fortinet FortiWeb – A Web Application Firewall (WAF)Vulnerability Type: Unauthenticated SQL Injection (CWE-8 ... Read more
-
Daily CyberSecurity
Critical Apache Jackrabbit Flaw (CVE-2025-53689): XXE Attacks Allow Data Exfiltration & DoS
A critical XML External Entity (XXE) vulnerability has been identified in multiple versions of Apache Jackrabbit, a popular open-source implementation of the Java Content Repository (JCR) specificatio ... Read more
-
Daily CyberSecurity
Apple Leadership Shake-Up: Tim Cook Expected to Stay 5 More Years as Generational Transition & AI Challenges Loom
Despite ongoing public scrutiny over Apple’s future strategic direction and CEO succession plans, a recent report by Bloomberg suggests that current CEO Tim Cook is expected to remain at the helm for ... Read more
-
Daily CyberSecurity
MoonPay CEO Falls Victim to Crypto Scam: Imposter Steve Witkoff Dupes Executive for $250K
The cryptocurrency industry is no stranger to scams, yet it’s rare to see senior executives of crypto wallet firms fall victim to such schemes. That changed recently when Ivan Soto-Wright, CEO of the ... Read more
-
Daily CyberSecurity
Zoom Unveils Custom AI Companion: Agent-Like AI Boosts Productivity Across 16 Business Apps
As AI technology increasingly permeates diverse professional environments, Zoom has announced an expansion of its AI Companion capabilities with the introduction of a new add-on service—Custom AI Comp ... Read more
-
Daily CyberSecurity
GPUHammer: First Rowhammer Attack on GDDR6 GPU Memory Induces Bit Flips, Degrades AI Models
For nearly a decade, Rowhammer has haunted DRAM technology, and now it has entered a new field: GPU memory. In a recent security note, NVIDIA confirmed that a proof-of-concept Rowhammer-style attack—d ... Read more