CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
AISURU Botnet: From Record-Breaking DDoS to Residential Proxy Empire
The AISURU botnet, first disclosed by XLab in 2024, has rapidly become one of the most dangerous forces in the DDoS landscape. In 2025 alone, it was linked to multiple record-breaking attacks, includi ...
-
The Register
Apple 0-day likely used in spy attacks affected devices as old as iPhone 8
Apple backported a fix to older iPhones and iPads for a serious bug it patched last month – but only after it may have been exploited in what the company calls "extremely sophisticated" attacks. The l ...
-
The Hacker News
Chaos Mesh Critical GraphQL Flaws Enable RCE and Full Kubernetes Cluster Takeover
Sep 16, 2025Ravie LakshmananVulnerability / Cloud Security Cybersecurity researchers have disclosed multiple critical security vulnerabilities in Chaos Mesh that, if successfully exploited, could le ...
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ...
-
Help Net Security
Ransomware attackers used incorrectly stored recovery codes to disable EDR agents
All target organizations are different, but ransomware attackers are highly adaptive and appreciate – and will exploit – any mistake you make. The latest Akira ransomware attacks Managed security serv ...
-
BleepingComputer
Apple backports zero-day patches to older iPhones and iPads
Apple has released security updates to backport patches released last month to older iPhones and iPads, addressing a zero-day bug that was exploited in "extremely sophisticated" attacks. This securit ...
-
CybersecurityNews
WordPress Plugin Vulnerability Let Attackers Bypass Authentication via Social Login
A critical authentication bypass vulnerability in the Case Theme User WordPress plugin has emerged as a significant security threat, allowing unauthenticated attackers to gain administrative access to ...
-
The Hacker News
Apple Backports Fix for CVE-2025-43300 Exploited in Sophisticated Spyware Attack
Sep 16, 2025Ravie LakshmananVulnerability / Spyware Apple on Monday backported fixes for a recently patched security flaw that has been actively exploited in the wild. The vulnerability in question ...
-
cert.pl
Vulnerabilities in Sparkle software
Vulnerabilities in Sparkle software CVE ID CVE-2025-10015 Publication date 16 September 2025 Vendor Sparkle Project Product Sparkle Vulnerable versions All before 2.7.2 Vulnerability type (CWE) Incorr ...
-
Daily CyberSecurity
Chrome’s New Preloading is a Game-Changer
Google has long experimented with prerendering technology in Chrome to accelerate page loading by rendering content in advance so that pages would open instantly upon a click. However, this approach o ...