CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-56752: Remote Attackers Can Gain Full Administrative Access to Affected Ruijie Networks Devices Without Authentication
Ruijie Networks has released a security advisory addressing a critical vulnerability in its Reyee RG-ES series switches that could allow attackers to modify device login credentials without authorizat ...
-
Daily CyberSecurity
CVE-2025-53187: Critical RCE in ABB ASPECT BMS with CVSS 9.8, No Prior Authentication
ABB has issued a cybersecurity advisory disclosing multiple vulnerabilities affecting its ASPECT Building Management System (BMS), including an authentication bypass rated CVSS 9.8. While patches exis ...
-
The Register
Attackers snooping around Sitecore, dropping malware via public sample keys
Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping malware on infected machin ...
-
BleepingComputer
Hackers exploited Sitecore zero-day flaw to deploy backdoors
Threat actors have been exploiting a zero-day vulnerability in legacy Sitecore deployments to deploy WeepSteel reconnaissance malware. The flaw, tracked under CVE-2025-53690, is a ViewState deserializ ...
-
BleepingComputer
New TP-Link zero-day surfaces as CISA warns other flaws are exploited
TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple router models, as CISA warns that other router flaws have been exploited in attacks. The zero-day vulnerab ...
-
The Register
Windows starts asking for admin rights where it shouldn't after security fix
Microsoft's August 2025 Windows Security Update is causing pain for administrators after a fix for a vulnerability led to some unintended consequences. The fix was related to CVE-2025-50173, which add ...
-
TheCyberThrone
Critical Sitecore Zero-Day Flaw
September 4, 2025IntroductionOn September 3, 2025, a critical zero-day vulnerability (CVE-2025-53690) in the Sitecore Experience Platform sent shockwaves through the enterprise content management comm ...
-
cert.pl
Vulnerability in Concept Intermedia GOV CMS software
Vulnerability in Concept Intermedia GOV CMS software CVE ID CVE-2025-7385 Publication date 04 September 2025 Vendor Concept Intermedia Product GOV CMS Vulnerable versions All before 4.0 Vulnerability ...
-
Help Net Security
macOS vulnerability allowed Keychain and iOS app decryption without a password
Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability (CVE-2025-24204) that allowed attackers to read the memory of any process, even with System Integrity Protection (SIP) enabled. Th ...
-
The Cyber Express
Django Web Vulnerability Exposes Applications to High-Risk SQL Injection – CVE-2025-57833
A serious Django web vulnerability has been identified, prompting immediate action from the Django web framework development team. The flaw, officially registered as CVE-2025-57833, affects the Filter ...