CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Storm-2603: Chinese APT Deploys Warlock & LockBit with AK47C2 Framework
Antivirus Terminator supported arguments when run without parameters | Image: Check Point Check Point Research (CPR) has detailed a previously undocumented Chinese-affiliated threat actor—Storm-2603—l ...
-
Daily CyberSecurity
Critical Squid Vulnerability (CVE-2025-54574) Allows Remote Code Execution & Data Leakage
The Squid Project has issued an urgent advisory for CVE-2025-54574 (CVSS 9.3), a heap buffer overflow bug affecting Squid’s handling of URN (Uniform Resource Name) responses. “Due to incorrect buffer ...
-
Daily CyberSecurity
Critical HashiCorp Vault Flaw (CVE-2025-6000) Allows Code Execution for Privileged Users
In a recently disclosed advisory, HashiCorp has patched a critical vulnerability—CVE-2025-6000—in Vault, its industry-standard secrets management solution. With a CVSS score of 9.1, this flaw could al ...
-
CybersecurityNews
Cybersecurity News Recap – Chrome, Gemini Vulnerabilities, Linux Malware, and Man-in-the-Prompt Attack
Welcome to this week’s edition of Cybersecurity News Recap! In this issue, we bring you the latest updates and critical developments across the threat landscape. Stay ahead of risks with key insights ...
-
seclists.org
Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical)
Full Disclosure mailing list archives From: Sandro Gauci via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 31 Jul 2025 07:02:38 +0200 Rtpengine: RTP Inject and RTP Bleed vulnerabilities d ...
-
seclists.org
APPLE-SA-07-30-2025-1 Safari 18.6
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 30 Jul 2025 12:51:16 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ...
-
The Hacker News
CL-STA-0969 Installs Covert Malware in Telecom Networks During 10-Month Espionage Campaign
Telecommunications organizations in Southeast Asia have been targeted by a state-sponsored threat actor known as CL-STA-0969 to facilitate remote control over compromised networks. Palo Alto Networks ...
-
The Register
CISA roasts unnamed critical national infrastructure body for shoddy security hygiene
CISA is using the findings from a recent probe of an unidentified critical infrastructure organization to warn about the dangers of getting cybersecurity seriously wrong. The US cybersecurity agency, ...
-
Daily CyberSecurity
Microsoft Retires Windows 11 SE: End of Support Set for October 2026, Ceding Education Market to Chrome OS
Launched in November 2021 alongside the student-oriented Surface Laptop SE, Windows 11 SE was Microsoft’s strategic response to expand into the education sector and compete with Google’s Chrome OS. Ho ...
-
CybersecurityNews
Storm-2603 Using Custom Malware That Leverages BYOVD to Tamper with Endpoint Protections
A newly identified threat actor designated Storm-2603 has emerged as a sophisticated adversary in the ransomware landscape, leveraging advanced custom malware to circumvent endpoint security protectio ...