CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Microsoft, CISA warn yet another Exchange server bug can lead to 'total domain compromise'
Microsoft and the feds late Wednesday sounded the alarm on another high-severity bug in Exchange Server hybrid deployments that could allow attackers to escalate privileges from on-premises Exchange t ... Read more
-
CybersecurityNews
SonicWall Confirms No New SSLVPN 0-Day – Ransomware Attack Linked to Old Vulnerability
Cybersecurity firm SonicWall has officially addressed recent concerns about a potential new zero-day vulnerability in its Secure Sockets Layer Virtual Private Network (SSLVPN) products. In a statement ... Read more
-
TheCyberThrone
CVE-2025-53786 affects Microsoft Exchange
August 7, 2025CVE-2025-53786 is a high-severity elevation of privilege vulnerability found in Microsoft Exchange Server hybrid deployments. The flaw allows an attacker with administrative access to an ... Read more
-
BleepingComputer
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw. The company says that the attacker ... Read more
-
The Register
CISA releases malware analysis for Sharepoint Server attack
CISA has published a malware analysis report with compromise indicators and Sigma rules for "ToolShell" attacks targeting specific Microsoft SharePoint Server versions. "Cyber threat actors have chain ... Read more
-
Help Net Security
Microsoft urges admins to plug severe Exchange security hole (CVE-2025-53786)
“In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization’s connected cloud e ... Read more
-
CybersecurityNews
CISA Warns of ‘ToolShell’ Exploits Chain Attacks SharePoint Servers – Discloses IOCs and detection signatures
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an urgent analysis in early July 2025, detailing a sophisticated exploit chain targeting on-premises Microsoft SharePoint serv ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
Help Net Security
SonicWall: Attackers did not exploit zero-day vulnerability to compromise Gen 7 firewalls
Akira ransomware affiliates are not leveraging an unknown, zero-day vulnerability in SonicWall Gen 7 firewalls to breach corporate networks, the security vendor shared today. “Instead, there is a sign ... Read more
-
cert.pl
Vulnerability in Flexibits Fantastical software
Vulnerability in Flexibits Fantastical software CVE ID CVE-2025-8533 Publication date 07 August 2025 Vendor Flexibits Product Fantastical Vulnerable versions All before 4.0.16 Vulnerability type (CWE) ... Read more