CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass
Gamers and PC enthusiasts relying on ASUS Armoury Crate to manage their high-performance systems are urged to update immediately following the discovery of a serious security vulnerability. Tracked as ... Read more
-
Daily CyberSecurity
Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign
In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC) has attributed a sophisticated phishing and malware campaign to the APT group Tea ... Read more
-
Daily CyberSecurity
CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments
A newly disclosed security flaw in the MCP Inspector, a tool designed to test and debug Machine Context Protocol (MCP) servers, could allow unauthenticated remote code execution (RCE) — potentially pu ... Read more
-
Daily CyberSecurity
Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer
In June 2025, the SUSE Security Team disclosed critical vulnerabilities in sslh, a lightweight protocol multiplexer used to serve multiple services—such as SSH and HTTPS—on the same port. Though desig ... Read more
-
Daily CyberSecurity
Apache Tomcat Patches 4 Flaws: DoS, Privilege Bypass, & Installer Risks Addressed
The Apache Software Foundation has disclosed four security vulnerabilities affecting multiple versions of Apache Tomcat, the widely used open-source Java servlet container. These flaws—ranging from de ... Read more
-
Daily CyberSecurity
Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, citing confirmed in-the-wild exploitation ... Read more
-
Daily CyberSecurity
OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation
Image: SpecterOps A recent investigation by SpecterOps has uncovered a chain of critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service that enabled attackers to impersonate use ... Read more
-
Daily CyberSecurity
PoCGen: AI Tool Automates Exploit Generation for npm Vulnerabilities with LLMs
A tool named PoCGen is revolutionizing how the security community generates Proof-of-Concept (PoC) exploits for vulnerabilities in the npm ecosystem. Developed by researchers Deniz Simsek, Aryaz Eghba ... Read more
-
Daily CyberSecurity
Zyxel Firewalls Under Attack via Critical CVE-2023-28771
A sudden and coordinated wave of exploit attempts targeting a critical vulnerability in Zyxel firewalls has been detected. The attack centers around CVE-2023-28771, a high-severity remote code executi ... Read more
-
Trend Micro
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
Summary: Trend™ Research has identified an active campaign exploiting CVE-2025-3248 to deliver the Flodrix botnet. Attackers use the vulnerability to execute downloader scripts on compromised Langflow ... Read more