CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
June 2025 Patch Tuesday: One Zero-Day and Nine Critical Vulnerabilities Among 66 CVEs
Microsoft has addressed 66 vulnerabilities in its June 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and nine Critical vulnerabilit ... Read more
-
Cyber Security News
CISA Warns of TeleMessage TM SGNL Vulnerabilities Exploited in Attacks
CISA has issued an urgent warning regarding two critical vulnerabilities in TeleMessage TM SGNL that threat actors are currently exploiting in active attack campaigns. The vulnerabilities, tracked as ... Read more
-
security.nl
Franse overheid beschrijft aanvallen op organisaties via Ivanti-lekken
Franse organisaties, waaronder overheidsinstanties, defensiebedrijven en telecombedrijven, zijn eind vorig jaar aangevallen via kwetsbaarheden in Ivanti Cloud Service Appliance (CSA). Op het moment va ... Read more
-
Cyber Security News
Chinese Houken Hackers Exploiting Ivanti CSA Zero-Days to Deploy Linux Rootkits
A sophisticated Chinese threat group identified as Houken has been exploiting multiple zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) devices to deploy advanced Linux rootkits and es ... Read more
-
Cyber Security News
YONO SBI Banking App Vulnerability Let Attackers Execute a Man-in-the-Middle Attack
A significant security flaw has been identified in the popular YONO SBI banking application that could potentially expose millions of users to cybersecurity threats. The vulnerability, designated as C ... Read more
-
TheCyberThrone
CISA Adds TelelMessage TM SGNL to KEV Catalog
Skip to contentCVE-2025-48927 — Insecure Spring Boot Heap Dump Exposure📌 Description:This vulnerability exists in TeleMessage TM SGNL due to an exposed Spring Boot Actuator /heapdump endpoint, accessi ... Read more
-
Cyber Security News
Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover
A severe arbitrary file deletion vulnerability has been discovered in the popular Forminator WordPress plugin, affecting over 600,000 active installations worldwide. The vulnerability, assigned CVE-20 ... Read more
-
Cyber Security News
Critical Vulnerability in Anthropic MCP Inspector Let Attackers Execute Arbitrary Code
A critical Remote Code Execution (RCE) vulnerability in Anthropic’s MCP Inspector tool, designated as CVE-2025-49596, has a severe CVSS score of 9.4. This vulnerability represents one of the first cri ... Read more
-
The Register
Cl0p cybercrime gang's data exfiltration tool found vulnerable to RCE attacks
Security experts have uncovered a hole in Cl0p's data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack. The vulnerability in the Python-based software, which wa ... Read more
-
security.nl
Honderdduizenden WordPress-sites via lek in Forminator over te nemen
Een kwetsbaarheid in een veelgebruikte plug-in voor WordPress maakt remote code execution op honderdduizenden websites mogelijk, die zo volledig zijn over te nemen. Een update die het probleem verhelp ... Read more