CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-58158 Flaw in Harness Gitness Allows Arbitrary File Write
The open-source DevOps ecosystem has been hit with another critical security issue—this time in Harness Open Source, a platform that combines code hosting, automated pipelines, Gitspaces, and artifact ...
-
CybersecurityNews
Critical Next.js Framework Vulnerability Let Attackers Bypass Authorization
A newly discovered critical security vulnerability in the Next.js framework, designated CVE-2025-29927, poses a significant threat to web applications by allowing malicious actors to completely bypass ...
-
CybersecurityNews
MediaTek Security Update – Patch for Multiple Vulnerabilities Across Chipsets
MediaTek today published a critical security bulletin addressing several vulnerabilities across its latest modem chipsets, urging device OEMs to deploy updates immediately. The bulletin, issued two mo ...
-
The Hacker News
⚡ Weekly Recap: WhatsApp 0-Day, Docker Bug, Salesforce Breach, Fake CAPTCHAs, Spyware App & More
Cybersecurity today is less about single attacks and more about chains of small weaknesses that connect into big risks. One overlooked update, one misused account, or one hidden tool in the wrong hand ...
-
The Cyber Express
Authenticated Attackers Could Exploit IBM Watsonx Vulnerability to Access Sensitive Data
A newly disclosed security vulnerability, tracked as CVE-2025-0165, has been reported, specifically concerning the users of the IBM Watsonx Orchestrate Cartridge within the IBM Cloud Pak for Data plat ...
-
CybersecurityNews
IBM Watsonx Vulnerability Let Attackers Inject Malicious SQl Queries
IBM published a security bulletin disclosing a serious Blind SQL injection vulnerability in its IBM Watsonx Orchestrate Cartridge for IBM Cloud Pak for Data, assigned CVE-2025-0165. With a CVSS 3.1 ba ...
-
CybersecurityNews
Sitecore CMS Platform Vulnerabilities Enables Remote Code Execution
Critical vulnerabilities in Sitecore Experience Platform allow attackers to achieve complete system compromise through a sophisticated attack chain combining HTML cache poisoning with remote code exec ...
-
security.nl
'Honderden FreePBX-telefooncentrales gehackt, duizenden nog kwetsbaar'
Aanvallers hebben wereldwijd honderden FreePBX-telefooncentrales gehackt, waaronder achttien in Nederland. Daarnaast missen nog duizenden servers de beveiligingsupdate voor een kritieke kwetsbaarheid ...
-
Daily CyberSecurity
CVE-2025-54857 (CVSS 9.8): Critical Flaw in Seiko Solutions Device Allows Remote Takeover
A critical security flaw has been discovered in SkyBridge BASIC MB-A130, a networking device developed by Seiko Solutions Inc. The vulnerability, tracked as CVE-2025-54857, carries the highest possibl ...
-
Daily CyberSecurity
MediaTek September 2025 Security Bulletin: High-Severity Modem Flaws Could Enable Remote Attacks
MediaTek has published its September 2025 Product Security Bulletin, disclosing several high- and medium-severity vulnerabilities affecting a wide range of its chipsets. While there is “no evidence th ...