CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-58754: Axios Vulnerability Puts Node.js Processes at Risk of DoS Attacks
The Axios project has released a security advisory for a newly discovered vulnerability affecting its popular promise-based HTTP client for Node.js and browsers. Tracked as CVE-2025-58754 with a CVSS ...
-
Daily CyberSecurity
CISA Urges Immediate Patching: Critical Dassault Systèmes Flaw (CVE-2025-5086) Actively Exploited
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical flaw in Dassault Systèmes DELMIA Apriso to its Known Exploited Vulnerabilities (KEV) Catalog, following confirmed evide ...
-
Daily CyberSecurity
Unveiling VoidProxy: The Phishing-as-a-Service That Bypasses MFA
Domain pattern for Google phishing pages | Image: Okta Okta Threat Intelligence has published a detailed analysis of VoidProxy, a previously unreported Phishing-as-a-Service (PhaaS) platform that repr ...
-
Daily CyberSecurity
PyInstaller Flaw : Are Your Python Apps Vulnerable to Hijacking?
The PyInstaller project has released fixes for a local privilege escalation vulnerability that affected applications packaged with versions prior to 6.0.0. Tracked as CVE-2025-59042 with a CVSS score ...
-
BleepingComputer
Apple warns customers targeted in recent spyware attacks
Apple warned customers last week that their devices were targeted in a new series of spyware attacks, according to the French national Computer Emergency Response Team (CERT-FR). CERT-FR is operated b ...
-
BleepingComputer
Akira ransomware exploiting critical SonicWall SSLVPN bug again
The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. The hackers are leverging ...
-
CybersecurityNews
New VMScape Spectre-BTI Attack Exploits Isolation Gaps in AMD and Intel CPUs
A novel speculative execution attack named VMSCAPE allows a malicious virtual machine (VM) to breach its security boundaries and steal sensitive data, like cryptographic keys, directly from its host s ...
-
BleepingComputer
New VMScape attack breaks guest-host isolation on AMD, Intel CPUs
A new Spectre-like attack dubbed VMScape allows a malicious virtual machine (VM) to leak cryptographic keys from an unmodified QEMU hypervisor process running on modern AMD or Intel CPUs. The attack b ...
-
The Register
Spectre haunts CPUs again: VMSCAPE vulnerability leaks cloud secrets
If you thought the world was done with side-channel CPU attacks, think again. ETH Zurich has identified yet another Spectre-based transient execution vulnerability that affects AMD Zen CPUs and Intel ...
-
Help Net Security
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September ...