CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Flaws Found in Partner Software: Default Admin Passwords & XSS Allow RCE on Government Systems
A recent vulnerability note issued by CERT/CC disclosured three critical security flaws in Partner Software’s flagship platforms—Partner Software and Partner Web. These applications are widely used by ...
-
Daily CyberSecurity
Critical RCE Flaw (CVE-2025-54782) in NestJS DevTools Allows Remote Code Execution
A critical vulnerability has been uncovered in the @nestjs/devtools-integration package—a component of the popular NestJS framework for building scalable Node.js applications. This flaw, tracked as CV ...
-
Daily CyberSecurity
The Telecom Threat: Liminal Panda’s Covert Campaign Targets Southwest Asian Critical Infrastructure
High-level chain of events in the attack investigated by Unit 42 In a revealing report by Palo Alto Networks’ Unit 42, a high-level cyberespionage campaign targeting critical telecommunications infras ...
-
Daily CyberSecurity
Prompt Injection to Code Execution: Cursor Code Editor Hit by Critical MCP Vulnerabilities (CVE-2025-54135 & CVE-2025-54136)
Cursor, an AI-powered code editor that promises to “understand your codebase and help you code faster,” has issued patches for two severe vulnerabilities that could enable remote code execution (RCE) ...
-
Daily CyberSecurity
Storm-2603: Chinese APT Deploys Warlock & LockBit with AK47C2 Framework
Antivirus Terminator supported arguments when run without parameters | Image: Check Point Check Point Research (CPR) has detailed a previously undocumented Chinese-affiliated threat actor—Storm-2603—l ...
-
Daily CyberSecurity
Critical Squid Vulnerability (CVE-2025-54574) Allows Remote Code Execution & Data Leakage
The Squid Project has issued an urgent advisory for CVE-2025-54574 (CVSS 9.3), a heap buffer overflow bug affecting Squid’s handling of URN (Uniform Resource Name) responses. “Due to incorrect buffer ...
-
Daily CyberSecurity
Critical HashiCorp Vault Flaw (CVE-2025-6000) Allows Code Execution for Privileged Users
In a recently disclosed advisory, HashiCorp has patched a critical vulnerability—CVE-2025-6000—in Vault, its industry-standard secrets management solution. With a CVSS score of 9.1, this flaw could al ...
-
CybersecurityNews
Cybersecurity News Recap – Chrome, Gemini Vulnerabilities, Linux Malware, and Man-in-the-Prompt Attack
Welcome to this week’s edition of Cybersecurity News Recap! In this issue, we bring you the latest updates and critical developments across the threat landscape. Stay ahead of risks with key insights ...
-
seclists.org
Rtpengine: RTP Inject and RTP Bleed vulnerabilities despite proper configuration (CVSS v4.0 Score: 9.3 / Critical)
Full Disclosure mailing list archives From: Sandro Gauci via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 31 Jul 2025 07:02:38 +0200 Rtpengine: RTP Inject and RTP Bleed vulnerabilities d ...
-
seclists.org
APPLE-SA-07-30-2025-1 Safari 18.6
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 30 Jul 2025 12:51:16 -0700 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ...