CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-34158 (CVSS 10): Plex Media Server Users Warned to Patch Critical Vulnerability Now
Plex Media Server (PMS) users are being urged to update their systems immediately after the discovery of a critical security vulnerability, now tracked as CVE-2025-34158, which has been assigned the m ...
-
Daily CyberSecurity
CVE-2025-55746: Critical Directus Flaw Exposes Servers to Unauthenticated File Upload and RCE
The Directus project has disclosed a critical vulnerability tracked as CVE-2025-55746 (CVSS 9.3) that could allow unauthenticated attackers to upload or modify files on vulnerable servers. Directus, a ...
-
Daily CyberSecurity
CVE-2024-36401 Exploited in Stealthy Bandwidth-Monetization Campaign
A new report from Palo Alto Networks’ Unit 42 has shed light on an unusual and stealthy monetization campaign that exploits CVE-2024-36401, a critical remote code execution (RCE) vulnerability in GeoS ...
-
Daily CyberSecurity
CVE-2025-9288: Critical Flaw in Popular JavaScript Library Threatens Global Web Security
A critical security vulnerability has been disclosed in sha.js, a widely used JavaScript library that implements the Secure Hash Algorithm (SHA) family. With over 14 million weekly downloads, this lib ...
-
Daily CyberSecurity
DDoS Onslaught: Hacktivists and Botnets Drive Massive Surge in Cyber Attacks
The latest analysis from NETSCOUT highlights a dramatic escalation in botnet-driven distributed denial-of-service (DDoS) attacks during July 2025, with thousands of daily incidents and clear signs of ...
-
TheCyberThrone
CVE-2018-0171 Years old Cisco Bug exploited
August 21, 2025The CVE-2018-0171 vulnerability is a critical security flaw in Cisco IOS and IOS XE software, specifically affecting the Smart Install feature, which is designed for easy deployment of ...
-
The Hacker News
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
Aug 21, 2025Ravie LakshmananVulnerability / Software Security Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible ins ...
-
CybersecurityNews
Threat Actors Gaining Access to Victims’ Machines and Monetizing Access to Their Bandwidth
A stealthy campaign emerged in early March 2025 that capitalized on a critical remote code execution flaw in GeoServer (CVE-2024-36401) to compromise publicly exposed geospatial servers. Attackers exp ...
-
Help Net Security
Russian threat actors using old Cisco bug to target critical infrastructure orgs
A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old vulnerability (CVE-2018-0171), ...
-
CybersecurityNews
Mozilla High Severity Vulnerabilities Enables Remote Code Execution
Mozilla has released Firefox 142 to address multiple high-severity security vulnerabilities that could allow attackers to execute arbitrary code remotely on affected systems. The security advisory, pu ...