CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Microsoft Exchange Server Vulnerabilities Let Attackers Spoof and Tamper Over Network
Critical security vulnerabilities in Microsoft Exchange Server enable attackers to perform spoofing and tampering attacks over network connections. The vulnerabilities include two Exchange Server flaw ...
-
TheCyberThrone
CISA adds WinRAR and Microsoft vulnerabilities to KEV catalog
August 14, 2025The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added new Microsoft and WinRAR vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog due to ...
-
CybersecurityNews
GitHub Copilot RCE Vulnerability via Prompt Injection Leads to Full System Compromise
A critical security vulnerability in GitHub Copilot and Visual Studio Code has been discovered that allows attackers to achieve remote code execution through prompt injection attacks, potentially lead ...
-
CybersecurityNews
Multiple GitLab Vulnerabilities Enables Account Takeover and Stored XSS Exploitation
GitLab has released emergency security patches addressing multiple critical vulnerabilities that could enable attackers to perform account takeovers and execute stored cross-site scripting (XSS) attac ...
-
TheCyberThrone
CVE-2025-25256 affects FortiSIEM
August 14, 20251. Vulnerability OverviewCVE-2025-25256 is a critical command injection bug in Fortinet FortiSIEM’s phMonitor service, exposed on TCP port 7900. It enables unauthenticated remote attack ...
-
Daily CyberSecurity
Critical WordPress Plugin Flaw (CVE-2025-7384, CVSS 9.8) Exposes 70,000+ Sites to RCE and Data Loss
A critical security vulnerability has been disclosed in the widely used Database for Contact Form 7, WPforms, Elementor Forms plugin for WordPress. Tracked as CVE-2025-7384 and carrying a CVSS score o ...
-
Daily CyberSecurity
CVE-2025-40746: Critical Vulnerability Found in Siemens SIMATIC RTLS Locating Manager
Siemens ProductCERT has issued a high-severity security advisory (SSA-493787) warning of a critical vulnerability in its SIMATIC RTLS Locating Manager prior to version 3.2. The flaw, tracked as CVE-20 ...
-
CybersecurityNews
CISA Added WinRaR Zero-Day (CVE-2025-8088) Vulnerability That is Actively Exploited In the Wild
The U.S. Cybersecurity and Infrastructure Security Agency has added this vulnerability to its Known Exploited Vulnerabilities catalog, with a due date of September 2, 2025, for federal agencies to app ...
-
BleepingComputer
Fortinet warns of FortiSIEM pre-auth RCE flaw with exploit in the wild
Fortinet is warning about a remote unauthenticated command injection flaw in FortiSIEM that has in-the-wild exploit code, making it critical for admins to apply the latest security updates. FortiSIEM ...
-
The Register
Fortinet discloses critical bug with working exploit code amid surge in brute-force attempts
Fortinet warned customers about a critical FortiSIEM bug that could allow an unauthenticated attacker to execute unauthorized commands, and said working exploit code for the flaw has been found in the ...