CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Graylog Flaw (CVE-2025-53106, CVSS 8.8): Privilege Escalation Via API Token Abuse
A vulnerability was found in Graylog—a popular Security Information and Event Management (SIEM) solution. Tracked as CVE-2025-53106 and scoring 8.8 on the CVSS v4 scale, this critical flaw allows priv ...
-
Daily CyberSecurity
Security Flaws in Frappe Framework Expose Self-Hosted ERPNext Users to Takeovers, XSS, and SQL Injection
The Frappe Framework, a widely used full-stack application platform that powers ERPNext, has been found vulnerable to three security issues, potentially affecting thousands of self-hosted deployments. ...
-
Daily CyberSecurity
Pilz IndustrialPI 4 Alert: Critical Flaws (CVE-2025-41656 CVSS 10.0 RCE, CVE-2025-41648 Auth Bypass) Expose Industrial PCs
Two critical vulnerabilities recently disclosed by CERT@VDE, in coordination with industrial automation company Pilz, highlight a sobering reality: even industry-grade systems meant to power factories ...
-
The Hacker News
Critical Vulnerability in Anthropic's MCP Exposes Developer Machines to Remote Exploits
Cybersecurity researchers have discovered a critical security vulnerability in artificial intelligence (AI) company Anthropic's Model Context Protocol (MCP) Inspector project that could result in remo ...
-
europa.eu
Cyber Brief 25-07 - June 2025
Cyber Brief (June 2025)July 1, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 277 open source reports for this Cyber Brief1.Relating to cyber policy and law enforcement, the EU adopted a bluep ...
-
TheCyberThrone
CVE-2025-6554 Actively Exploited Google Chrome Zeroday
Skip to content🧾 OverviewCVE-2025-6554 is a high-severity zero-day vulnerability discovered in Google Chrome’s V8 JavaScript engine, which is responsible for processing JavaScript in the browser. The ...
-
Help Net Security
Sudo local privilege escalation vulnerabilities fixed (CVE-2025-32462, CVE-2025-32463)
If you haven’t recently updated the Sudo utility on your Linux box(es), you should do so now, to patch two local privilege escalation vulnerabilities (CVE-2025-32462, CVE-2025-32463) that have been di ...
-
BleepingComputer
Google fixes fourth actively exploited Chrome zero-day of 2025
Google has released emergency updates to patch another Chrome zero-day vulnerability exploited in attacks, marking the fourth such flaw fixed since the start of the year. "Google is aware that an expl ...
-
Help Net Security
Google patches actively exploited Chrome (CVE‑2025‑6554)
Google has released a security update for Chrome to address a zero‑day vulnerability (CVE-2025-6554) that its Threat Analysis Group (TAG) discovered and reported last week. “Google is aware that an ex ...
-
The Hacker News
Google Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation
Vulnerability / Browser Security Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as C ...