CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical VMware Tools VGAuth Vulnerabilities Enable Full System Access for Attackers
Two critical vulnerabilities in the VMware Guest Authentication Service (VGAuth) component of VMware Tools allow local attackers to escalate privileges from any user account to SYSTEM-level access on ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 30
The Good | Authorities Dismantle XSS.is Cybercrime Forum & Release Free Phobos/8Base Decryptor After a 12-year long run, XSS[.]is (formerly DaMaGeLaB) faced major disruptions this week with the arrest ...
-
security.nl
Kritiek lek in wifi-thermostaat kan aanvaller op afstand toegang geven
Wifi-thermostaten van fabrikant Network Thermostat bevatten een kritieke kwetsbaarheid waardoor een aanvaller op afstand volledige administrator-toegang kan krijgen. Er zijn updates uitgebracht om het ...
-
security.nl
LG-beveiligingscamera's via kwetsbaarheid op afstand over te nemen
Dertienhonderd beveiligingscamera's van fabrikant LG Innotek zijn via een kwetsbaarheid op afstand over te nemen. De apparaten zijn end-of-life en LG zal geen beveiligingsupdate uitbrengen om het prob ...
-
CybersecurityNews
Fire Ant Hackers Exploiting Vulnerabilities in VMware ESXi and vCenter to Infiltrate Organizations
A sophisticated espionage campaign dubbed “Fire Ant” demonstrates previously unknown capabilities in compromising VMware virtualization infrastructure. Since early 2025, this threat actor has systemat ...
-
CybersecurityNews
Hackers Exploiting Sharepoint 0-day Vulnerability to Deploy Warlock Ransomware
Microsoft has issued urgent warnings about active exploitation of critical SharePoint vulnerabilities CVE-2025-53770 and CVE-2025-53771 by multiple threat actors, including the China-based group Storm ...
-
Kaspersky
ToolShell: a story of five vulnerabilities in Microsoft SharePoint
On July 19–20, 2025, various security companies and national CERTs published alerts about active exploitation of on-premise SharePoint servers. According to the reports, observed attacks did not requi ...
-
The Cyber Express
Starlink Outage Sparks Cyberattack Speculation—But SpaceX Says Software to Blame
SpaceX’s Starlink internet service suffered a major international outage, disconnecting tens of thousands of users for over two hours. The Starlink outage began around 3 p.m. Eastern Time (19:00 GMT), ...
-
Daily CyberSecurity
Critical Axios Flaw (CVE-2025-54371) in Form-Data Dependency Exposes Millions to HTTP Manipulation
Axios, the popular promise-based HTTP client for Node.js and browsers, has been found vulnerable through a critical flaw in a transitive dependency, putting millions of applications at risk of multipa ...
-
Daily CyberSecurity
Dropping Elephant Targets Türkiye’s Missile Industry with Stealthy Conference Lures & VLC DLL Sideloading
Arctic Wolf Labs has uncovered a new cyber-espionage campaign orchestrated by the threat actor Dropping Elephant, targeting Türkiye’s defense industrial base—specifically a manufacturer of precision-g ...