CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
[KIS-2025-09] Control Web Panel <= 0.9.8.1208 (admin/index.php) OS Command Injection Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Tue, 16 Dec 2025 11:36:47 +0100 -------------------------------------------------------------------------------- ...
-
The Hacker News
CISA Flags Critical ASUS Live Update Flaw After Evidence of Active Exploitation
Dec 18, 2025Ravie LakshmananVulnerability / Software Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical flaw impacting ASUS Live Update to its Kn ...
-
The Hacker News
Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Dec 18, 2025Ravie LakshmananVulnerability / Network Security Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus a ...
-
Daily CyberSecurity
The Developer Win: GitHub Postpones Self-Hosted Runner Fee After Massive Community Outcry
Recently, the code hosting platform GitHub published a blog post announcing that, starting March 1, 2026, GitHub Actions would begin charging an additional platform fee. Under the proposed change, dev ...
-
Daily CyberSecurity
CVE-2025-37164 (CVSS 10.0): Unauthenticated HPE OneView RCE Grants Total Control Over Data Centers
Hewlett Packard Enterprise (HPE) has sounded the alarm on a catastrophic security vulnerability in its flagship infrastructure management software, OneView. The flaw, tracked as CVE-2025-37164, has be ...
-
Daily CyberSecurity
CISA Alert: Chinese Hackers Weaponize CVSS 10 Cisco Zero-Day & SonicWall Exploit Chains
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive adding three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling that ha ...
-
Daily CyberSecurity
Cisco Zero-Day Siege: Chinese Group UAT-9686 Deploys ‘Aqua’ Malware via CVSS 10 Root Exploit
A critical zero-day vulnerability in Cisco’s secure email appliances is under active siege by a sophisticated Chinese hacking group, granting them total control over sensitive network gateways. The ca ...
-
Daily CyberSecurity
Zero-Day Warning: Hackers Chain SonicWall SMA1000 Flaws for Unauthenticated Root RCE
SonicWall has issued an urgent security advisory for its high-end remote access appliances, patching a vulnerability that, while seemingly moderate on its own, serves as the final piece in a devastati ...
-
Daily CyberSecurity
Academic Ambush: How the Forum Troll APT Hijacks Scholars’ Systems via Fake Plagiarism Reports
A relentless Advanced Persistent Threat (APT) group known as “Forum Troll” has shifted its crosshairs from corporate networks to the academic elite, launching a precision phishing campaign against Rus ...
-
Daily CyberSecurity
Locked Out of the Cloud: Hackers Use AWS Termination Protection to Hijack ECS for Unstoppable Crypto Mining
In a striking display of cloud-native tradecraft, cybercriminals have been caught turning legitimate AWS environments into illicit cryptocurrency mining farms, utilizing a “novel persistence technique ...