CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
DNN Vulnerability Let Attackers Steal NTLM Credentials via Unicode Normalization Bypass
A critical vulnerability in DNN (formerly DotNetNuke) that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass technique. The vulnerability, tracked as CVE- ... Read more
-
Cyber Security News
CISA Warns of Rails Ruby on Rails Path Traversal Vulnerability Exploited in Attacks
CISA has issued a critical warning regarding a path traversal vulnerability in the Ruby on Rails framework that poses significant risks to web applications worldwide. The vulnerability, cataloged as C ... Read more
-
Cyber Security News
Ivanti Endpoint Manager Mobile Vulnerabilities Let Attackers Execute Remote Code
Ivanti disclosed two high-severity vulnerabilities in its Endpoint Manager Mobile (EPMM) product, which could allow remote attackers to execute code on affected systems. The company has released criti ... Read more
-
Cyber Security News
Ivanti Security Update: Patch for Multiple Vulnerabilities in Connect and Policy Secure
Ivanti, a leading provider of IT security and management solutions, has announced the release of critical updates for its Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products. These upd ... Read more
-
Help Net Security
Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)
With PoC exploits for CVE-2025-5777 (aka CitrixBleed 2) now public and reports of active exploitation of the flaw since mid-June, you should check whether your Citrix NetScaler ADC and/or Gateway inst ... Read more
-
Cyber Security News
FortiOS Buffer Overflow Vulnerability Allows Attackers to Execute Arbitrary Code
Fortinet disclosed a significant security flaw in its FortiOS operating system, identified as CVE-2025-24477. This heap-based buffer overflow vulnerability, classified under CWE-122, affects the cw_st ... Read more
-
security.nl
'CitrixBleed2-lek sinds juni gebruikt om Netscaler-sessies te kapen'
Een kwetsbaarheid in NetScaler ADC en NetScaler Gateway, ook bekend als CitrixBleed2 en CVE-2025–5777, is sinds halverwege juni gebruikt om NetScaler-sessies te kapen en multifactorauthenticatie (MFA) ... Read more
-
security.nl
'CitrixBleed2-lek sinds juni gebruikt om NetScaler-sessies te kapen'
dinsdag 8 juli 2025, 17:28 door Redactie, 0 reactiesLaatst bijgewerkt: Vandaag, 09:07 Een kwetsbaarheid in NetScaler ADC en NetScaler Gateway, ook bekend als CitrixBleed2 en CVE-2025–5777, is sinds ha ... Read more
-
security.nl
'CitrixBleed2-lek sinds juni gebruikt om NetScaler-sessies te kapen'
dinsdag 8 juli 2025, 17:28 door Redactie, 0 reactiesLaatst bijgewerkt: 09-07-2025, 09:07 Een kwetsbaarheid in NetScaler ADC en NetScaler Gateway, ook bekend als CitrixBleed2 en CVE-2025–5777, is sinds ... Read more
-
DoublePulsar
CitrixBleed 2 exploitation started mid-June — how to spot it
CitrixBleed 2 — CVE-2025–5777 — has been under active exploitation to hijack Netscaler sessions, bypassing MFA, globally for a month.I wrote this about the vulnerability back on June 24th, encouraging ... Read more