CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Critical Convoy Vulnerability Let Attackers Execute Remote Code on Affected Servers
A critical security vulnerability has been discovered in Performave Convoy that allows unauthenticated remote attackers to execute arbitrary code on affected servers. The vulnerability, identified as ... Read more
-
Cyber Security News
OPPO Clone Phone Weak WiFi Hotspot Exposes Sensitive Data
A critical security vulnerability has been discovered in OPPO’s Clone Phone feature that could expose sensitive user data through inadequately secured WiFi hotspots. The vulnerability, designated CVE- ... Read more
-
Dark Reading
Oh! Canada Added to List of Nations Targeted in Salt Typhoon Telecom Spree
Source: Mattia Dantonio via Alamy Stock PhotoCanada has confirmed that Salt Typhoon targeted one of its telecommunications companies in February via a Cisco flaw, adding it to the growing list of org ... Read more
-
Cyber Security News
Xiaomi’s Interoperability App Vulnerability Let Hackers Gain Unauthorized Access to the Victim’s Device
A severe security vulnerability has been discovered in Xiaomi’s interoperability application, potentially exposing millions of users to unauthorized device access. The vulnerability, assigned CVE-2024 ... Read more
-
Cyber Security News
Aviatrix Cloud Controller Authentication Vulnerability Let Attackers Execute Remote Code
Two critical vulnerabilities in Aviatrix Controller, a Software-Defined Networking (SDN) utility that enables cloud connectivity across different vendors and regions. The vulnerabilities allowed attac ... Read more
-
Daily CyberSecurity
Critical Linksys Router Flaw (CVE-2025-34037, CVSS 10.0) Actively Exploited by TheMoon Worm
A critical vulnerability in multiple Linksys E-Series routers is being actively exploited in the wild by a self-propagating malware campaign known as TheMoon worm, according to new research from the S ... Read more
-
Help Net Security
High-risk WinRAR RCE vulnerability patched, update quickly! (CVE-2025-6218)
A recently patched directory traversal vulnerability (CVE-2025-6218) in WinRAR could be leveraged by remote attackers to execute arbitrary code on affected installations. The vulnerability has been pa ... Read more
-
The Hacker News
APT28 Uses Signal Chat to Deploy BEARDSHELL Malware and COVENANT in Ukraine
Malware / Threat Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new cyber attack campaign by the Russia-linked APT28 (aka UAC-0001) threat actors using Signal c ... Read more
-
Cyber Security News
WinRAR Vulnerability Let Execute Arbitrary Code Using a Malicious File
Summary 1. A high-severity flaw (CVE-2025-6218) in WinRAR allows attackers to execute arbitrary code by exploiting how the software handles file paths within archives. 2. The vulnerability enables att ... Read more
-
InfoSec Write-ups
Inside the MSHTML Exploit: A SOC Analyst’s Walkthrough of CVE-2021–40444
June 2025 • by a SOC Analyst | Threat Hunting | Malware Analysis⚠️ IntroductionIn this post, we take you through a real-world malware investigation where four suspicious documents were suspected of le ... Read more