CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Windows SMB Flaw (CVE-2025-33073): SYSTEM Privilege Escalation via Kerberos, PoC Available
Image: mverschu A newly disclosed security vulnerability in the Windows SMB client, tracked as CVE-2025-33073, has raised significant concerns due to its potential to allow elevation of privilege to S ... Read more
-
Daily CyberSecurity
Grafana Alert: Medium-Severity Flaw (CVE-2025-3415) Exposes DingDing API Keys
Grafana Labs has released a round of security patches to address CVE-2025-3415, a medium-severity vulnerability (CVSS 4.3) that could expose sensitive configuration data in Grafana Alerting, specifica ... Read more
-
Daily CyberSecurity
Ransomware or Espionage? Fog Ransomware Attack in Asia Raises Suspicion with Rare Toolset
In May 2025, a financial institution in Asia was targeted in a highly anomalous ransomware attack that may blur the lines between conventional cybercrime and espionage. According to a new report from ... Read more
-
Daily CyberSecurity
Mitel OpenScape Flaw (CVE-2025-23092): High-Severity Path Traversal Allows Admin RCE
A newly disclosed vulnerability in Mitel’s OpenScape Accounting Management platform has been assigned CVE-2025-23092 and rated High severity (CVSS 7.2). This path traversal vulnerability allows attack ... Read more
-
Dark Reading
CISA Reveals 'Pattern' of Ransomware Attacks Against SimpleHelp RMM
Source: Andreas Prott via Alamy Stock PhotoThe Cybersecurity and Infrastructure Security Agency (CISA) is urging SimpleHelp customers to patch a known vulnerability following a wave of ransomware atta ... Read more
-
The Cyber Express
Apple Patches Flaw Exploited in Zero-click Paragon Spyware Attacks
Apple has fixed a vulnerability that was used in zero-click attacks that installed Paragon Graphite spyware on the iPhones of two European journalists. Apple patched the vulnerability – CVE-2025-43200 ... Read more
-
Google Online Security Blog
Mitigating prompt injection attacks with a layered defense strategy
With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prom ... Read more
-
Google Online Security Blog
Mitigating prompt injection attacks with a layered defense strategy
With the rapid adoption of generative AI, a new wave of threats is emerging across the industry with the aim of manipulating the AI systems themselves. One such emerging attack vector is indirect prom ... Read more
-
The Register
Apple fixes zero-click exploit underpinning Paragon spyware attacks
Apple has updated its iOS/iPadOS 18.3.1 documentation, confirming it introduced fixes for the zero-click vulnerability used to infect journalists with Paragon's Graphite spyware. The infections were c ... Read more
-
CrowdStrike.com
How Falcon Next-Gen SIEM Protects Enterprises from VMware vCenter Attacks
Internet-facing assets are targeted for many reasons, such as to establish persistence, evade defensive capabilities, and access sensitive networks. According to the search engine Shodan, approximatel ... Read more