CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Commvault plugs holes in backup suite that allow remote code execution
Commvault has fixed four security vulnerabilities that may allow unauthenticated attackers to compromise on-premises deployments of its flagship backup and replication suite. Technical details about t ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
New DripDropper Malware Exploits Linux Flaw Then Patches It Lock Rivals Out
A new report from Red Canary reveals a clever Linux malware called DripDropper that exploits a flaw and then patches it to prevent other hackers from getting in. Learn how this tactic works. A new rep ...
-
security.nl
Cisco en FBI waarschuwen voor actief misbruik van 7 jaar oud Smart Install-lek
Cisco en de FBI waarschuwen organisaties vandaag voor actief misbruik van een 7 jaar oud beveiligingslek waarmee aanvallers netwerkapparaten op afstand kunnen overnemen. Updates voor de kwetsbaarheid, ...
-
The Cyber Express
Critical Chrome Flaw CVE‑2025‑9132 Exposes Browsers to Remote Code Execution
The Hong Kong Computer Emergency Response Team Coordination Center issued an alert regarding a remote code execution flaw in Google Chrome. The Chrome team reported the same vulnerability. The Chrome ...
-
cert.pl
Vulnerabilities in OpenSolution Quick.CMS and Quick.CMS.Ext software
Vulnerabilities in OpenSolution Quick.CMS and Quick.CMS.Ext software CVE ID CVE-2025-54172 Publication date 20 August 2025 Vendor OpenSolution Product Quick.CMS Vulnerable versions 6.8 Vulnerability t ...
-
Help Net Security
Exploit for critical SAP Netweaver flaws released (CVE-2025-31324, CVE-2025-42999)
A working exploit concatenating two critical SAP Netweaver vulnerabilities (CVE-2025-31324, CVE-2025-42999) that have been previously exploited in the wild has been made public by VX Underground, Onap ...
-
CybersecurityNews
Critical Namespace Injection Vulnerability in Kubernetes Capsule Let Attackers Inject Arbitrary Labels
A critical security vulnerability has been identified in Kubernetes Capsule v0.10.3 and earlier versions, allowing authenticated tenant users to inject arbitrary labels into system namespaces and bypa ...
-
CybersecurityNews
Hackers Exploiting Apache ActiveMQ Vulnerability to Gain Access to Cloud Linux Systems
A sophisticated campaign uncovered where adversaries are exploiting CVE-2023-46604, a critical remote code execution vulnerability in Apache ActiveMQ, to compromise cloud-based Linux systems. In this ...
-
CybersecurityNews
Paper Werewolf Exploiting WinRAR Zero‑Day Vulnerability to Deliver Malware
Cybersecurity researchers have uncovered a sophisticated campaign by the Paper Werewolf threat actor group, also known as GOFFEE, targeting Russian organizations through the exploitation of critical v ...
-
security.nl
Aanvallers patchen Apache ActiveMQ-lek na compromitteren van server
Aanvallers maken misbruik van een kritieke kwetsbaarheid in Apache ActiveMQ om Linux-servers te compromitteren en patchen het lek zodra ze binnen zijn. Dat stelt securitybedrijf Red Canary in een anal ...