CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: "Noor Christensen" <kchr+fd () fripost org> Date: Sun, 26 Oct 2025 16:35:45 +0100 On Thu Oct 2, 2025 at 11:45 PM CEST, josephgoyd via Fulldisclosure wrote: ... Read more
-
Daily CyberSecurity
Docker Compose Path Traversal (CVE-2025-62725) Allows Arbitrary File Overwrite via OCI Artifacts
The Docker Compose project has disclosed a high-severity path traversal vulnerability tracked as CVE-2025-62725 (CVSS v4 8.9), which affects users across Docker Desktop, standalone Compose binaries, C ... Read more
-
Daily CyberSecurity
Wear OS Messages Flaw (CVE-2025-12080) Allows Unprivileged Apps to Send SMS/RCS Without Permission, PoC Available
Security researcher Gabriele Digregorio has disclosed a newly identified vulnerability in Google Messages for Wear OS, designated CVE-2025-12080 (CVSS v4 6.9), that allows any installed app to send SM ... Read more
-
Daily CyberSecurity
Critical Magento Flaw (CVE-2025-54236) Actively Exploited for Session Hijacking and Unauthenticated RCE
The Akamai Security Intelligence Group has issued an urgent warning after observing active exploitation in the wild of a newly disclosed Magento vulnerability known as SessionReaper (CVE-2025-54236). ... Read more
-
Daily CyberSecurity
Critical MikroTik Flaw (CVE-2025-61481, CVSS 10.0) Exposes Router Admin Credentials Over Unencrypted HTTP WebFig
A newly disclosed vulnerability, CVE-2025-61481, rated a maximum CVSS score of 10.0, affects MikroTik RouterOS (v7.14.2) and SwitchOS (v2.18) and allows remote attackers to execute arbitrary code or i ... Read more
-
The Register
Firewalls and VPNs are so complex now, they can actually make you less secure
Organizations using Cisco and Citrix VPN devices were nearly seven times as likely to suffer a ransomware infection over a 15-month period, according to At-Bay, a provider of cyber insurance and a ven ... Read more
-
The Cyber Express
CISA Warns that DELMIA Apriso Vulnerabilities Are Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two DELMIA Apriso vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Today’s addition of CVE-2025-6204 and ... Read more
-
BleepingComputer
CISA warns of two more actively exploited Dassault vulnerabilities
The Cybersecurity & Infrastructure Security Agency (CISA) warned today that attackers are actively exploiting two vulnerabilities in Dassault Systèmes' DELMIA Apriso, a manufacturing operations manage ... Read more
-
CrowdStrike.com
Falcon Defends Against Git Vulnerability CVE-2025-48384
CrowdStrike has identified active exploitation of Git vulnerability CVE-2025-48384. In the observed activity, threat actors combined sophisticated social engineering tactics with malicious Git reposit ... Read more
-
CrowdStrike.com
How Falcon Exposure Management’s ExPRT.AI Predicts What Attackers Will Exploit
Nearly 40,000 vulnerabilities were disclosed in 2024.1 Security teams are overwhelmed, especially those relying on outdated tools. ExPRT.AI, the native intelligence engine embedded in CrowdStrike Falc ... Read more