CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CVE-2025-38989 affects Apache Tomcat
August 19, 2025CVE-2025-48989 is a Denial-of-Service (DoS) vulnerability in Apache Tomcat, specifically affecting its HTTP/2 implementation. It is classified as an “Improper Resource Shutdown or Relea ...
-
Red Canary
Patching for persistence: How DripDropper Linux malware moves through the cloud
It may seem counterintuitive for an adversary to “fix” a compromised system after gaining remote access but in many scenarios the motivation can be twofold. It’s a great way to potentially lock out ot ...
-
The Hacker News
Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
Aug 19, 2025Ravie LakshmananVulnerability / Cyber Espionage A new exploit combining two critical, now-patched security flaws in SAP NetWeaver has emerged in the wild, putting organizations at risk o ...
-
Kaspersky
Protecting your car against the PerfektBlue vulnerability in Bluetooth | Kaspersky official blog
Cars these days are effectively computers on wheels — making them targets for cybercriminals: theft, unauthorized activation of on-board equipment, remote braking and steering, and spying on drivers a ...
-
CybersecurityNews
PipeMagic Malware Mimic as ChatGPT App Exploits Windows Vulnerability to Deploy Ransomware
A sophisticated malware campaign has been identified, utilizing PipeMagic, a highly modular backdoor deployed by the financially motivated threat actor Storm-2460. This advanced malware masquerades as ...
-
CybersecurityNews
SSH Keys Are Crucial for Secure Remote Access but Often Remain a Blind Spot in Enterprise Security
Enterprise security strategies have evolved dramatically to address modern threats, yet SSH keys—critical cryptographic credentials that provide direct access to mission-critical systems—remain largel ...
-
CybersecurityNews
CISA Warns of Trend Micro Apex One OS Command Injection Vulnerability Exploited in Attacks
CISA has issued a critical warning regarding a high-severity OS command injection vulnerability in Trend Micro Apex One Management Console that threat actors are actively exploiting in the wild. The v ...
-
CybersecurityNews
Threat Actors Abuse Microsoft Help Index File to Execute PipeMagic Malware
Cybersecurity researchers have uncovered a sophisticated malware campaign exploiting Microsoft Help Index Files (.mshi) to deliver the notorious PipeMagic backdoor, marking a significant evolution in ...
-
Daily CyberSecurity
Apple’s New iOS 26 Feature Extends Battery Life, But at a Cost
In iOS 26, Apple has introduced a new power mode called Adaptive Power, designed to apply different energy-saving strategies depending on usage scenarios, with the ultimate goal of extending the iPhon ...
-
Daily CyberSecurity
CVE-2025-55205: Critical Flaw in Capsule Kubernetes Exposes Clusters to Cross-Tenant Attacks
A newly disclosed vulnerability in the Capsule Kubernetes multi-tenancy framework exposes organizations to privilege escalation and cross-tenant attacks. Tracked as CVE-2025-55205 with a CVSS score of ...