CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Beveiligingsonderzoek: CitrixBleed 2 grootschalig misbruikt
Cybercriminelen maken op grote schaal misbruik van de kwetsbaarheid CitrixBleed 2 (CVE-2025-5777), zo waarschuwt de Britse beveiligingsonderzoeker Kevin Beaumont. Sinds juni voeren aanvallers uit zowe ...
-
CybersecurityNews
PoC Exploit Released for High-Severity Git CLI Arbitrary File Write Vulnerability
A critical vulnerability in Git CLI enables arbitrary file writes on Linux and macOS systems, with working proof-of-concept exploits now publicly available. CVE-2025-48384, assigned a CVSS severity sc ...
-
CybersecurityNews
CISA Warns of Wing FTP Server Vulnerability Actively Exploited in Attacks
CISA has issued an urgent warning about a critical vulnerability in Wing FTP Server that is being actively exploited by cybercriminals. The vulnerability, tracked as CVE-2025-47812, poses significant ...
-
CybersecurityNews
20-Year-Old Vulnerability Allows Hackers to Control Train Brakes
CISA has issued a critical advisory warning about a severe vulnerability in railway communication systems that could allow attackers to control train brakes remotely. The vulnerability, assigned CVE-2 ...
-
Daily CyberSecurity
CVE-2025-53833 (CVSS 10): Critical SSTI Flaw in LaRecipe Threatens Millions of Laravel Apps
A newly discovered Server-Side Template Injection (SSTI) vulnerability in the widely-used LaRecipe documentation tool has been assigned CVE-2025-53833 and scored a perfect 10.0 CVSS, indicating critic ...
-
Daily CyberSecurity
ImageMagick Flaw (CVE-2025-53101): Stack Buffer Overflow Allows Potential Remote Code Execution
A flaw has been discovered in ImageMagick, the widely used open-source image manipulation suite, that could lead to stack buffer overflows under specific conditions involving image filename templates. ...
-
Daily CyberSecurity
HazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts
Researchers from Unit 42 at Palo Alto Networks have uncovered a novel backdoor—HazyBeacon—used by a threat cluster identified as CL-STA-1020. The campaign, which began in late 2024, has targeted gover ...
-
Daily CyberSecurity
CVE-2025-43856: OAuth2 Account Hijacking Flaw Found in Immich, a Popular Self-Hosted Photo Platform
A critical vulnerability has been disclosed in Immich, a rapidly growing open-source project for self-hosted photo and video management, with over 70,000 stars on GitHub. Tracked as CVE-2025-43856 and ...
-
Trend Micro
Preventing Zero-Click AI Threats: Insights from EchoLeak
Key Takeaways EchoLeak is a zero-click AI vulnerability that exploits Copilot’s use of historical contextual data to silently execute hidden prompts without user interaction. The attack method relies ...
-
DoublePulsar
CitrixBleed 2 situation update — everybody already got owned
5 min read11 hours ago--Update time on CVE-2025–5777, after my prior two blogs.The tl;dr version is basically:The ‘good news’, I suspect, is that most orgs will be too lacking in logs to have evidence ...