CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Apple’s “Liquid Glass” Vision: iPhone 2027 & Unified OS 26
As Apple is expected to unveil its next-generation operating systems at WWDC 2025—with speculation suggesting a unified version number “26” symbolizing the year 2026—Bloomberg journalist Mark Gurman h ... Read more
-
Cyber Security News
Hackers Actively Exploiting Fortigate Vulnerabilities to Deploy Qilin Ransomware
A new wave of cyberattacks has emerged targeting critical infrastructure through the exploitation of Fortigate security appliance vulnerabilities, with threat actors successfully deploying the notorio ... Read more
-
Help Net Security
Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks exploiting the flaw are incoming ... Read more
-
Cyber Security News
Multiple QNAP Vulnerabilities Let Remote Attacker Gains Access to a User Account
Two significant QNAP security vulnerabilities affecting Qsync Central 4.5.x that could allow remote attackers to exploit user accounts and gain unauthorized access to sensitive data. The vulnerabiliti ... Read more
-
Dark Reading
China-Backed Hackers Target SentinelOne in 'PurpleHaze' Attack Spree
Source: Shane Stickley via Alamy Stock PhotoThreat actors from China targeted a security vendor as part of a spree of attacks against various organizations that occurred in an eight-month period start ... Read more
-
Cyber Security News
Jenkins Gatling Plugin Vulnerability Let Attackers Bypass Content-Security-Policy Protection
A critical cross-site scripting (XSS) vulnerability in the popular Jenkins Gatling Plugin allows attackers to bypass Content-Security-Policy (CSP) protections. The vulnerability, tracked as CVE-2025-5 ... Read more
-
The Hacker News
⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
Cybersecurity / Hacking News Behind every security alert is a bigger story. Sometimes it's a system being tested. Sometimes it's trust being lost in quiet ways—through delays, odd behavior, or subtle ... Read more
-
Daily CyberSecurity
Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!
A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows unauthenticated attackers to take over any user account, including admins. Tracke ... Read more
-
security.nl
Digitale videorecorders TBK aangevallen door Mirai-botnet
Digitale videorecorders van fabrikant TBK zijn het doelwit van een variant van de Mirai-malware, die besmette apparaten onderdeel maakt van een botnet. Dat laat antivirusbedrijf Kaspersky in een analy ... Read more
-
The Register
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks sho ... Read more