CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Frauscher Flaws (CVE-2025-3626 CVSS 9.1, CVE-2025-3705 CVSS 6.8): OS Command Injection Threatens Railway Systems
A newly published security advisory coordinated by CERT@VDE and Frauscher Sensortechnik GmbH reveals two severe OS command injection vulnerabilities affecting Frauscher’s FDS101, FDS102, and FDS-SNMP1 ... Read more
-
Daily CyberSecurity
Critical Vulnerabilities Found in Nimesa Backup and Recovery Software
JPCERT/CC has issued a warning about two serious vulnerabilities in the Nimesa Backup and Recovery solution, a widely used disaster recovery and backup platform for enterprise applications on AWS. The ... Read more
-
Daily CyberSecurity
CVE-2025-41672 (CVSS 10): Critical JWT Certificate Flaw in WAGO Device Sphere Allows Full Remote Takeover
A coordinated disclosure by CERT@VDE and WAGO has unveiled a devastating vulnerability—CVE-2025-41672—impacting WAGO’s industrial automation platform Device Sphere. Rated CVSS 10.0, the flaw enables r ... Read more
-
BleepingComputer
Public exploits released for CitrixBleed 2 NetScaler flaw, patch now
Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable a ... Read more
-
The Register
CitrixBleed 2 exploits are on the loose as security researchers yell and wave their hands
Multiple exploits are circulating for CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway dubbed CitrixBleed 2, and security analysts are warning a "significant portion" of use ... Read more
-
InfoSec Write-ups
VAPT Report on HTTPAPI Services in Windows 10 Healthcare Endpoint
This report documents a targeted VAPT simulation that exploited Microsoft HTTPAPI via port 5357 to assess system misconfigurations and apply mitigation through service hardening and firewall enforceme ... Read more
-
Cyber Security News
Comodo Internet Security 2025 Vulnerabilities Execute Remote Code With SYSTEM Privilege
Multiple critical vulnerabilities in Comodo Internet Security Premium 2025 allow attackers to execute remote code with SYSTEM privileges, completely compromising victim systems through malicious updat ... Read more
-
The Hacker News
⚡ Weekly Recap: Chrome 0-Day, Ivanti Exploits, MacOS Stealers, Crypto Heists and More
Everything feels secure—until one small thing slips through. Even strong systems can break if a simple check is missed or a trusted tool is misused. Most threats don't start with alarms—they sneak in ... Read more
-
cert.pl
Vulnerability in SUR-FBD CMMS software
CVE ID CVE-2025-3920 Publication date 07 July 2025 Vendor SUR-FBD CMMS Product SUR-FBD CMMS Vulnerable versions All through 2025.03.27 Vulnerability type (CWE) Use of Hard-coded Password (CWE-259) Rep ... Read more
-
Cyber Security News
ScriptCase Vulnerabilities Let Attackers Execute Remote Code and Gain Server Access
Two critical vulnerabilities in ScriptCase’s Production Environment module can be chained together to achieve pre-authenticated remote command execution on affected servers. The vulnerabilities, track ... Read more