CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Unveiling VoidProxy: The Phishing-as-a-Service That Bypasses MFA
Domain pattern for Google phishing pages | Image: Okta Okta Threat Intelligence has published a detailed analysis of VoidProxy, a previously unreported Phishing-as-a-Service (PhaaS) platform that repr ...
-
Daily CyberSecurity
PyInstaller Flaw : Are Your Python Apps Vulnerable to Hijacking?
The PyInstaller project has released fixes for a local privilege escalation vulnerability that affected applications packaged with versions prior to 6.0.0. Tracked as CVE-2025-59042 with a CVSS score ...
-
BleepingComputer
Apple warns customers targeted in recent spyware attacks
Apple warned customers last week that their devices were targeted in a new series of spyware attacks, according to the French national Computer Emergency Response Team (CERT-FR). CERT-FR is operated b ...
-
BleepingComputer
Akira ransomware exploiting critical SonicWall SSLVPN bug again
The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. The hackers are leverging ...
-
CybersecurityNews
New VMScape Spectre-BTI Attack Exploits Isolation Gaps in AMD and Intel CPUs
A novel speculative execution attack named VMSCAPE allows a malicious virtual machine (VM) to breach its security boundaries and steal sensitive data, like cryptographic keys, directly from its host s ...
-
BleepingComputer
New VMScape attack breaks guest-host isolation on AMD, Intel CPUs
A new Spectre-like attack dubbed VMScape allows a malicious virtual machine (VM) to leak cryptographic keys from an unmodified QEMU hypervisor process running on modern AMD or Intel CPUs. The attack b ...
-
The Register
Spectre haunts CPUs again: VMSCAPE vulnerability leaks cloud secrets
If you thought the world was done with side-channel CPU attacks, think again. ETH Zurich has identified yet another Spectre-based transient execution vulnerability that affects AMD Zen CPUs and Intel ...
-
Help Net Security
Akira ransomware affiliates continue breaching organizations via SonicWall firewalls
Over a year after SonicWall patched CVE-2024-40766, a critical flaw in its next-gen firewalls, ransomware attackers are still gaining a foothold in organizations by exploiting it. Like last September ...
-
CybersecurityNews
Palo Alto Networks User-ID Credential Agent Vulnerability Exposes password In Cleartext
A newly disclosed vulnerability in Palo Alto Networks’ User-ID Credential Agent for Windows, identified as CVE-2025-4235, could expose a service account’s password in cleartext under certain non-stand ...
-
The Cyber Express
SAP Issues Critical Security Patch for NetWeaver and Other Products, Warns of CVE-2025-42944
SAP has released a new security update addressing a broad range of vulnerabilities across its product ecosystem. Among the most alarming is a critical vulnerability identified in SAP NetWeaver, tracke ...