CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
K7 Antivirus Vulnerability Allows Attackers Gain SYSTEM-level Privileges
A serious privilege escalation vulnerability in K7 Ultimate Security, an antivirus product from K7 Computing, was found by abusing named pipes with overly permissive access control lists. This flaw en ...
-
CybersecurityNews
Microsoft Patched Windows LNK Vulnerability Abused by Hackers to Hide Malicious Code
Microsoft has silently patched a Windows shortcut vulnerability that threat actors have been exploiting since 2017 to hide malicious commands from users inspecting file properties. The flaw, tracked a ...
-
Google Cloud
Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
Introduction Despite extensive scrutiny and public reporting, commercial surveillance vendors continue to operate unimpeded. A prominent name continues to surface in the world of mercenary spyware, In ...
-
BleepingComputer
University of Phoenix discloses data breach after Oracle hack
The University of Phoenix (UoPX) has joined a growing list of U.S. universities breached in a Clop data theft campaign targeting vulnerable Oracle E-Business Suite instances in August 2025. Founded in ...
-
CybersecurityNews
CISA Warns of Android 0-Day Vulnerability Exploited in Attacks
CISA has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The vulnerabilities affect the Android OS and p ...
-
security.nl
'Microsoft heeft LNK-kwetsbaarheid in Windows stilletjes gepatcht'
Microsoft heeft stilletjes een LNK-kwetsbaarheid in Windows gepatcht waar aanvallers actief misbruik van maken, zo stelt securitybedrijf Acros Security. In eerste instantie had Microsoft nog aangegeve ...
-
CybersecurityNews
Critical Elementor Plugin Vulnerability Let Attackers Takeover WordPress Site Admin Control
A critical security flaw in the popular “King Addons for Elementor” WordPress plugin has left thousands of websites at risk of complete takeover, security researchers have warned. The vulnerability, t ...
-
Kaspersky
Exploits and vulnerabilities in Q3 2025
In the third quarter, attackers continued to exploit security flaws in WinRAR, while the total number of registered vulnerabilities grew again. In this report, we examine statistics on published vulne ...
-
CybersecurityNews
Angular Platform Vulnerability Allows Malicious Code Execution Via Weaponized SVG Animation Files
A critical Stored XSS vulnerability in Angular’s template compiler (CVE-2025-66412) allows attackers to execute arbitrary code by weaponizing SVG animation attributes. Bypassing Angular’s built-in sec ...
-
CybersecurityNews
Critical Elementor Plugin Vulnerability Let Attackers Takeover WordPress Site Admin Control
A serious vulnerability has been discovered in the King Addons for Elementor WordPress plugin, affecting more than 10,000 active installations worldwide. The flaw allows unauthenticated attackers to g ...