CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
iOS 26 Beta Hints at HomePod with Display: Apple Preps Visual Smart Speaker for Launch
With the release of the fourth developer beta of iOS 26, developers have unearthed a curious phrase within the settings menu, subtly hinting that Apple may be preparing to unveil the long-rumored Home ...
-
Daily CyberSecurity
Critical Flaw (CVE-2025-7783, CVSS 9.4) in Form-Data Library Exposes Millions of Apps to Multipart Injection & RCE
A critical vulnerability has been uncovered in the widely used JavaScript library Form-Data, impacting millions of applications that rely on it to submit form data and file uploads. Tracked as CVE-202 ...
-
Daily CyberSecurity
Microsoft: China-Backed APTs Actively Exploiting SharePoint Flaws (CVE-2025-49704 & CVE-2025-49706)
Last week, the Microsoft Security Response Center (MSRC) issued an urgent advisory regarding active exploitation of critical vulnerabilities in on-premises SharePoint Server installations. The alert, ...
-
CybersecurityNews
Chrome High-Severity Vulnerabilities Allow Attackers to Execute Arbitrary Code
Google has released an urgent security update for its Chrome browser, addressing three critical vulnerabilities that could enable attackers to execute arbitrary code on users’ systems. The Stable chan ...
-
Daily CyberSecurity
Google Patches Two High-Severity V8 Vulnerabilities (CVE-2025-8010, CVE-2025-8011) in Chrome
Google has released a new Stable Channel Update for Chrome Desktop, bringing the browser to version 138.0.7204.168/.169 for Windows and macOS, and 138.0.7204.168 for Linux. The update is rolling out g ...
-
Daily CyberSecurity
Critical Manager.io Flaw (CVE-2025-54122, CVSS 10.0) Allows Unauthenticated SSRF & Cloud Takeover
A newly disclosed critical vulnerability in Manager.io, a free accounting software used by businesses across Australia and New Zealand, poses a severe threat to network security and cloud environments ...
-
Daily CyberSecurity
Mimo Strikes Magento: New Campaign Shifts to Cryptojacking, Proxyjacking, & Stealthy Persistence
The once Craft CMS-focused threat actor known as Mimo—or Mimo’lette—has resurfaced with new vigor, broadening its scope and evolving into a persistent adversary. In its latest campaign, detailed by th ...
-
SentinelOne
More From Our Main Blog: Defending Against ToolShell: SharePoint’s Latest Critical Vulnerability
A new, critical zero-day vulnerability dubbed “ToolShell” (CVE-2025-53770) poses a significant threat to on-premises SharePoint Server deployments. This vulnerability enables unauthenticated remote co ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Microsoft Reveals Chinese State Hackers Exploiting SharePoint Flaws
Microsoft’s critical new update reveals that specific Chinese nation-state threat groups are actively exploiting vulnerabilities in its on-premises SharePoint servers. Following an earlier report from ...
-
The Register
Surprise, surprise: Chinese spies, IP stealers, other miscreants attacking Microsoft SharePoint servers
At least three Chinese groups are attacking on-premises SharePoint servers via a couple of recently disclosed Microsoft bugs, according to Redmond. Two of the crews behind the zero-day attacks are gov ...