CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
The AMX Lockdown: Critical KVM Bug Allows Guest VMs to Crash Linux Hosts
An unpleasant flaw surfaced in Linux—one capable of causing serious headaches for server administrators, particularly in public cloud environments. The issue arises when a KVM guest virtual machine us ...
-
Daily CyberSecurity
Hackers Revive 2020 FortiGate Flaw to Bypass 2FA
Fortinet has issued a warning regarding the active exploitation of a three-year-old vulnerability that allows attackers to bypass two-factor authentication (2FA) on FortiGate firewalls simply by chang ...
-
Daily CyberSecurity
High-Severity Flaws in TeamViewer DEX Allow Attackers to Hijack Nomad Services
TeamViewer has issued important security bulletins addressing multiple vulnerabilities across its Digital Employee Experience (DEX) product line (formerly 1E). The updates patch high-severity flaws in ...
-
Daily CyberSecurity
ChatGPT Atlas Under Guard: OpenAI Fortifies Browser Agent Against “Prompt Injection” Attacks
As artificial intelligence begins to browse the web on our behalf, the battleground for security is shifting from servers to our own browser tabs. OpenAI has deployed a critical security update for it ...
-
Daily CyberSecurity
The “lc” Leak: Critical 9.3 Severity LangChain Flaw Turns Prompt Injections into Secret Theft
A critical vulnerability was found in LangChain, the popular open-source framework used to power Large Language Model (LLM) agents. The flaw, tracked as CVE-2025-68664, carries a severe CVSS score of ...
-
Daily CyberSecurity
Zimbra Under Siege: High-Severity LFI Vulnerability Exposes Internal Files to Unauthenticated Attackers
Administrators of the popular Zimbra Collaboration Suite (ZCS) are being urged to patch immediately after the discovery of two distinct security vulnerabilities. The most severe of the pair allows una ...
-
Daily CyberSecurity
The Ghost in the Market: Unmasking “Fly,” the Secret Architect of the Infamous Russian Market
For over a decade, Russian Market has stood as a pillar of the cybercrime underground, a sprawling bazaar where stolen digital identities, browser cookies, and remote access credentials are sold by th ...
-
BleepingComputer
MongoDB warns admins to patch severe RCE flaw immediately
MongoDB has warned IT admins to immediately patch a high-severity vulnerability that can be exploited in remote code execution (RCE) attacks targeting vulnerable servers. Tracked as CVE-2025-14847, th ...
-
The Cyber Express
59,000 Servers Breached: Operation PCPcat Targets React and Next.js at Internet Scale
A large-scale cyber espionage operation known as Operation PCPcat has shaken the modern web infrastructure, compromising more than 59,000 servers in just 48 hours. The campaign targets systems built o ...
-
CybersecurityNews
Critical MongoDB Vulnerability Exposes Sensitive Data via Zlib Compression
A critical security vulnerability, tracked as CVE-2025-14847, that could allow attackers to extract uninitialized heap memory from database servers without authentication. The flaw resides in MongoDB’ ...