CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Dell Storage Manager Flaw (CVE-2025-43995, CVSS 9.8) Allows Unauthenticated API Bypass
Dell Technologies has issued a critical security advisory addressing multiple high-severity vulnerabilities in its Storage Center and Storage Manager (DSM) software, which could allow remote attackers ... Read more
-
Daily CyberSecurity
OpenWrt Patches ubusd RCE Flaw (CVE-2025-62526) and Kernel Memory Leak (CVE-2025-62525) in DSL Driver
The OpenWrt Project has patched two high-severity vulnerabilities affecting its Linux-based firmware for embedded devices. The flaws, tracked as CVE-2025-62526 and CVE-2025-62525, could allow attacker ... Read more
-
Daily CyberSecurity
China-Aligned APTs Launch “Premier Pass-as-a-Service,” Sharing Access in Coordinated Global Espionage
A new Trend Research report has revealed an alarming shift in cyberespionage tactics among China-aligned APT groups, highlighting unprecedented levels of collaboration and resource sharing between thr ... Read more
-
Daily CyberSecurity
HashiCorp Patches Vault Flaws: AWS Auth Bypass and Unauthenticated JSON DoS
Two high-severity vulnerabilities disclosed by HashiCorp could expose Vault deployments to denial-of-service (DoS) attacks and cross-account authentication bypasses, prompting urgent patching recommen ... Read more
-
The Register
Shaq's new ride gets jaq'ed in haq attaq
Infosec In Brief Former basketball star Shaquille O'Neal is 7'1" (215 cm), and therefore uses car customization companies to modify vehicles to fit his frame. But it appears cybercriminals have target ... Read more
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ... Read more
-
CrowdStrike.com
Falcon Defends Against Git Vulnerability CVE-2025-48384
CrowdStrike has identified active exploitation of Git vulnerability CVE-2025-48384. In the observed activity, threat actors combined sophisticated social engineering tactics with malicious Git reposit ... Read more
-
CrowdStrike.com
How Falcon Exposure Management’s ExPRT.AI Predicts What Attackers Will Exploit
Nearly 40,000 vulnerabilities were disclosed in 2024.1 Security teams are overwhelmed, especially those relying on outdated tools. ExPRT.AI, the native intelligence engine embedded in CrowdStrike Falc ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CrowdStrike.com
October 2025 Patch Tuesday: Two Publicly Disclosed, Three Zero-Days, and Eight Critical Vulnerabilities Among 172 CVEs
Microsoft has addressed 172 vulnerabilities in its October 2025 security update release, marking the highest number of vulnerabilities patched in a single month this year. This month's patches address ... Read more