CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Citrix warns of login issues after NetScaler auth bypass patch
Citrix warns that patching recently disclosed vulnerabilities that can be exploited to bypass authentication and launch denial-of-service attacks may also break login pages on NetScaler ADC and Gatewa ... Read more
-
Cyber Security News
Critical ModSecurity WAF Vulnerability Allows Denial of Service via Empty XML Tags
A newly discovered denial-of-service vulnerability in the ModSecurity Web Application Firewall (WAF) engine has security experts on high alert. The flaw, designated CVE-2025-52891, affects specific ve ... Read more
-
BleepingComputer
Forminator plugin flaw exposes WordPress sites to takeover attacks
The Forminator plugin for WordPress is vulnerable to an unauthenticated arbitrary file deletion flaw that could enable full site takeover attacks. The security issue is tracked as CVE-2025-6463 and ha ... Read more
-
CrowdStrike.com
How Falcon Next-Gen SIEM Protects Enterprises from VMware vCenter Attacks
Internet-facing assets are targeted for many reasons, such as to establish persistence, evade defensive capabilities, and access sensitive networks. According to the search engine Shodan, approximatel ... Read more
-
CrowdStrike.com
June 2025 Patch Tuesday: One Zero-Day and Nine Critical Vulnerabilities Among 66 CVEs
Microsoft has addressed 66 vulnerabilities in its June 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and nine Critical vulnerabilit ... Read more
-
Cyber Security News
CISA Warns of TeleMessage TM SGNL Vulnerabilities Exploited in Attacks
CISA has issued an urgent warning regarding two critical vulnerabilities in TeleMessage TM SGNL that threat actors are currently exploiting in active attack campaigns. The vulnerabilities, tracked as ... Read more
-
security.nl
Franse overheid beschrijft aanvallen op organisaties via Ivanti-lekken
Franse organisaties, waaronder overheidsinstanties, defensiebedrijven en telecombedrijven, zijn eind vorig jaar aangevallen via kwetsbaarheden in Ivanti Cloud Service Appliance (CSA). Op het moment va ... Read more
-
Cyber Security News
Chinese Houken Hackers Exploiting Ivanti CSA Zero-Days to Deploy Linux Rootkits
A sophisticated Chinese threat group identified as Houken has been exploiting multiple zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) devices to deploy advanced Linux rootkits and es ... Read more
-
Cyber Security News
YONO SBI Banking App Vulnerability Let Attackers Execute a Man-in-the-Middle Attack
A significant security flaw has been identified in the popular YONO SBI banking application that could potentially expose millions of users to cybersecurity threats. The vulnerability, designated as C ... Read more
-
TheCyberThrone
CISA Adds TelelMessage TM SGNL to KEV Catalog
Skip to contentCVE-2025-48927 — Insecure Spring Boot Heap Dump Exposure📌 Description:This vulnerability exists in TeleMessage TM SGNL due to an exposed Spring Boot Actuator /heapdump endpoint, accessi ... Read more