CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Firefox Releases Security Update to Fix Multiple Vulnerabilities Allowing Arbitrary Code Execution
Mozilla has rolled out Firefox 145, addressing a series of high-severity vulnerabilities that could allow attackers to execute arbitrary code on users’ systems. Announced on November 11, 2025, the rel ...
-
BleepingComputer
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor
SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code ...
-
CybersecurityNews
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Arbitrary Files to Disk
Ivanti has rolled out security updates for its Endpoint Manager product, addressing three high-severity vulnerabilities that could let authenticated local attackers write arbitrary files anywhere on t ...
-
Help Net Security
CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)
CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the ...
-
BleepingComputer
GlobalLogic warns 10,000 employees of data theft after Oracle breach
GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen in an Oracle E-Business Suite (EBS) ...
-
CybersecurityNews
Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code
Synology has released an urgent security update addressing a critical remote code execution vulnerability in BeeStation OS that allows unauthenticated attackers to execute arbitrary code on affected d ...
-
CybersecurityNews
Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses
A surge in attacks exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calend ...
-
security.nl
Antivirusfunctionaliteit in Gladinet Triofox uitgebuit voor installeren van malware
Google's Mandiant Threat Defense waarschuwt voor een actief uitgebuit lek (CVE-2025-12480) in Gladinet’s Triofox-platform voor bestandsdeling en toegang op afstand. Het gaat om een kritieke kwetsbaa ...
-
CybersecurityNews
Zoom Workplace for Windows Vulnerability Allow Users to Escalate Privilege
A security vulnerability has been discovered in Zoom Workplace VDI Client for Windows that could allow attackers to gain elevated privileges on affected systems. The flaw, tracked as CVE-2025-64740, h ...
-
CybersecurityNews
Devolutions Server Vulnerability Let Attackers Impersonate Users Using Pre-MFA Cookie
A critical vulnerability in Devolutions Server could allow attackers with low-level access to impersonate other user accounts by exploiting how the application handles authentication cookies before mu ...