CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Amerikaanse overheidsinstantie gehackt na niet installeren GeoServer-update
Een federale Amerikaanse overheidsinstantie is vorig jaar gehackt omdat het had nagelaten een beveiligingsupdate voor een kritieke kwetsbaarheid in GeoServer te installeren. De patch was drie weken ee ...
-
security.nl
Libraesva dicht actief aangevallen kwetsbaarheid in Email Security Gateway
Aanbieder van e-mailoplossingen Libraesva heeft een beveiligingsupdate uitgebracht voor een actief aangevallen kwetsbaarheid in de Email Security Gateway (ESG) die het biedt. Volgens het bedrijf is he ...
-
The Hacker News
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AW ...
-
The Hacker News
State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability
Sep 24, 2025Ravie LakshmananVulnerability / Email Security Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been expl ...
-
CybersecurityNews
CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability
CISA has released a comprehensive cybersecurity advisory detailing how threat actors successfully compromised a U.S. federal civilian executive branch agency’s network by exploiting CVE-2024-36401, a ...
-
Daily CyberSecurity
CISA adds Chrome zero-day CVE-2025-10585 to KEV after public exploit appears
CISA this week added CVE-2025-10585, a high-severity type-confusion flaw in Google’s V8 JavaScript engine, to its Known Exploited Vulnerabilities catalog after evidence of active exploitation was obse ...
-
Daily CyberSecurity
OpenSSF Warns: Open Source Software Is Not a Free Service
The Open Source Security Foundation (OpenSSF), together with several prominent open-source and software foundations, has issued a joint statement declaring that it can no longer serve as the unpaid ga ...
-
Daily CyberSecurity
CVE-2025-9844: Salesforce CLI Installer Vulnerability Could Lead to SYSTEM-Level Compromise
Salesforce has published a security advisory detailing a high-severity flaw in its Salesforce-CLI installer (sf-x64.exe). The vulnerability, tracked as CVE-2025-9844 with a CVSS score of 8.8, could al ...
-
Daily CyberSecurity
CVE-2025-10184: Unpatched OnePlus Flaw Exposes SMS Data & Breaks MFA, PoC Available
Researchers at Rapid7 have disclosed a critical permission bypass vulnerability in OnePlus OxygenOS, tracked as CVE-2025-10184. The flaw allows any installed application on affected devices to read SM ...
-
CybersecurityNews
Chrome High-severity Vulnerabilities Let Attackers Access Sensitive Data and Crash System
Google has issued an urgent security update for its Chrome web browser to address three high-severity vulnerabilities that could allow attackers to access sensitive information or cause the system to ...