CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
PhpSpreadsheet Library Vulnerability Enables Attackers to Feed Malicious HTML Input
A high-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in the widely used PhpSpreadsheet library, potentially allowing attackers to exploit internal network resources and ...
-
Daily CyberSecurity
NVIDIA Refuses to Pay 15% China Revenue Share Without a Law
Earlier reports suggested that the U.S. government had reached an agreement with NVIDIA and AMD, requiring the two semiconductor giants to surrender 15% of revenue from certain AI chip exports to Chin ...
-
Daily CyberSecurity
CRITICAL Zero-Day CVE-2025-57819 in FreePBX Is Under Active Attack (CVSS 10.0)
The Sangoma FreePBX Security Team has issued a critical advisory for a newly discovered vulnerability in its popular open-source telephony platform. Tracked as CVE-2025-57819 with a maximum CVSSv4 sco ...
-
Daily CyberSecurity
CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available
The developers of NodeBB, a popular open-source forum platform, have disclosed a critical vulnerability affecting version v4.3.0. Tracked as CVE-2025-50979 with a CVSS score of 8.6, the flaw could all ...
-
Daily CyberSecurity
Kaspersky Report: Vulnerabilities Are Exploding, and Attackers Are Adapting
Kaspersky Labs has published its Q2 2025 vulnerability analysis, revealing an alarming rise in both the number of vulnerabilities registered and their exploitation in the wild. The findings show that ...
-
Daily CyberSecurity
ShadowSilk Unmasked: The Hybrid Espionage Group Targeting Central Asian Governments
Group-IB analysts, in cooperation with CERT-KG, have published new research exposing the activities of a threat cluster tracked as ShadowSilk, a campaign overlapping with the actor known publicly as Y ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
CISA Adds Citrix and Git Flaws to KEV Catalogue Amid Active Exploitation
CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal agencies must patch the flaws by September 15, 2025. The US government’s Cybersecurity and Infra ...
-
CybersecurityNews
BadSuccessor Post-Patch: Leveraging dMSAs for Credential Acquisition and Lateral Movement in Active Directory
Microsoft’s recent patch for the BadSuccessor vulnerability (CVE-2025-53779) has successfully closed the direct privilege escalation path, but security researchers warn that the underlying technique r ...
-
TheCyberThrone
Urgent CISA Alert on Citrix NetScaler
August 28, 2025In August 2025, the Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding multiple critical security vulnerabilities actively exploited in Citrix NetS ...
-
CybersecurityNews
Cisco Nexus 3000 and 9000 Series Vulnerability Let Attackers Trigger DoS Attack
Cisco has issued a High-severity security advisory alerting customers to a critical vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of NX-OS Software for Cisco Nexus 30 ...