CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
Cisco Issues Urgent Patch for Critical Unified CM Vulnerability (CVE-2025-20309)
Cisco has issued a new security advisory addressing a severe vulnerability in its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM ... Read more
-
InfoSec Write-ups
Burn It With Fire: How to Eliminate an Industry-Wide Supply Chain Vulnerability
🔥 The supply chain bug that couldn’t be ignored — so I torched itIntroduction: A Typo That Could Compromise the JVMIn 2019, while debugging one of my own builds, I noticed something odd. The build was ... Read more
-
The Hacker News
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials
Vulnerability / Network Security Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Sessi ... Read more
-
TheCyberThrone
CVE-2025-20309 affects Cisco Unified CM
Skip to content🔎 Vulnerability OverviewCVE ID: CVE-2025-20309Severity: Critical (CVSS v3.1 Score: 10.0)Discovered in: Cisco Unified Communications Manager (Unified CM) and Session Management Edition ( ... Read more
-
Daily CyberSecurity
Actively Exploited Google Chrome Zero-Day (CVE-2025-6554) Added to CISA’s KEV Catalog, PoC Available
🔐 Access to This Vulnerability Report Requires Support This article is available to verified supporters only - contribute to read the full report Contribute with Google Or choose another support optio ... Read more
-
Daily CyberSecurity
Four Critical RCE Flaws Found in Grafana Plugins via Chromium: Patch Now!
Grafana Labs has issued an urgent security advisory addressing four critical vulnerabilities affecting two of its key components: the Grafana Image Renderer plugin and the Synthetic Monitoring Agent. ... Read more
-
Daily CyberSecurity
CVE-2025-20309 (CVSS 10): Cisco Patches Critical Static SSH Root Credential Flaw in Unified CM
Cisco has disclosed a critical vulnerability in its Unified Communications Manager (Unified CM) and Session Management Edition (SME) platforms. Tracked as CVE-2025-20309 and rated CVSS 10, the flaw ex ... Read more
-
Daily CyberSecurity
Linux Servers Hijacked: Attackers Install Legitimate Proxy Software for Covert Operations
The AhnLab SEcurity intelligence Center (ASEC) has uncovered a series of attacks on poorly secured Linux servers, where instead of deploying classic malware, attackers quietly install legitimate proxy ... Read more
-
The Register
Cisco scores a perfect 10 - sadly for a critical flaw in its comms platform
If you're running the Engineering-Special (ES) builds of Cisco Unified Communications Manager or its Session Management Edition, you need to apply Cisco's urgent patch after someone at Switchzilla mad ... Read more
-
The Register
CISA warns the Signal clone used by natsec staffers is being attacked, so patch now
The US security watchdog CISA has warned that malicious actors are actively exploiting two flaws in the Signal clone TeleMessage TM SGNL, and has directed federal agencies to patch the flaws or discon ... Read more