CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-7350: Critical RCE Flaw in Rockwell Stratix Switches Scores CVSS 9.6
Rockwell Automation has issued a security advisory for a critical vulnerability in its Stratix industrial Ethernet switches, tracked as CVE-2025-7350. The flaw, rated CVSS 9.6, could allow unauthentic ... Read more
-
CybersecurityNews
New Technique Uncovered To Exploit Linux Kernel Use-After-Free Vulnerability
A new technique to exploit a complex use-after-free (UAF) vulnerability in the Linux kernel successfully bypasses modern security mitigations to gain root privileges. The method targets CVE-2024-50264 ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
Daily CyberSecurity
SAP Security Patch Day Fixes Four Critical Flaws, Including a CVSS 10.0 RCE (CVE-2025-42944)
Today, SAP released 21 new Security Notes and 4 updates as part of its monthly Security Patch Day. Among these updates, four vulnerabilities were rated critical, each posing significant risks to enter ... Read more
-
Daily CyberSecurity
Intel’s 14A Process Will Be Its Most Expensive and Advanced Yet
Intel is currently advancing its 14A process node (equivalent to 1.4 nanometers)—the company’s first manufacturing technology designed entirely from the ground up for both Intel’s own products and its ... Read more
-
Daily CyberSecurity
Plex Urges Password Reset After Data Breach
The popular streaming platform Plex was recently the target of a cyberattack that resulted in a database breach. An unidentified hacker managed to extract customer authentication data from one of Plex ... Read more
-
Daily CyberSecurity
CVE-2025-58450: Critical SQL Injection Flaw in pREST Puts PostgreSQL Databases at Risk
The pREST project has issued a security advisory for CVE-2025-58450, a systemic SQL injection flaw that threatens users of its PostgreSQL REST API framework. Rated CVSS 9.4 (Critical), the vulnerabili ... Read more
-
Daily CyberSecurity
Adobe Issues Emergency Patch for SessionReaper (CVE-2025-54236), One of Magento’s Most Critical Flaws
Adobe has broken from its regular patch schedule to release an emergency fix for CVE-2025-54236, a vulnerability Sansec has dubbed SessionReaper. The flaw, described as one of the most severe in Magen ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
Daily CyberSecurity
CVE-2025-41243 (CVSS 10): Critical Spring Cloud Gateway Server WebFlux Flaw Exposes Property Modification Risk
Spring has disclosed a critical vulnerability in Spring Cloud Gateway Server WebFlux that allows attackers to modify Spring Environment properties under specific configurations. Tracked as CVE-2025-41 ... Read more