CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-49113: Roundcube RCE Exploit Unveiled—The Swiss Army Knife of Webmail Just Got a Weaponized Blade
In a stunningly fast-moving sequence of events, a serious vulnerability in the widely-used Roundcube webmail client—CVE-2025-49113—has been disclosed early by security researcher Kirill Firsov, founde ... Read more
-
CrowdStrike.com
May 2025 Patch Tuesday: Five Zero-Days and Five Critical Vulnerabilities Among 72 CVEs
Microsoft has addressed 72 vulnerabilities in its May 2025 security update release. This month's patches include fixes for five actively exploited zero-day vulnerabilities, including a zero-day vulner ... Read more
-
Daily CyberSecurity
Cisco Patches Two Vulnerabilities in CCP and ISE: Proof-of-Concept Exploits Publicly Available
Cisco has issued advisories for two newly disclosed vulnerabilities affecting widely used enterprise software: Cisco Customer Collaboration Platform (CCP) and Cisco Identity Services Engine (ISE). The ... Read more
-
Daily CyberSecurity
12.2TB of User Data Exposed in Passion.io Breach: Over 3.6 Million Records Left Unprotected
In a recent disclosure by cybersecurity researcher Jeremiah Fowler, vpnMentor uncovered a massive unprotected database allegedly tied to Passion.io, a no-code app-building platform used by influencers ... Read more
-
The Register
IBM Cloud login breaks for second time this week and Big Blue isn't saying why
IBM isn’t having its best week after the company experienced another cloudy outage and a critical-rated vulnerability. The outage repeated the Tuesday incident that saw users unable to access the cons ... Read more
-
Daily CyberSecurity
CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications
A newly disclosed vulnerability in the Auth0 PHP SDK—a widely-used authentication toolkit with over 16 million downloads—poses a critical threat to web applications that rely on social and enterprise ... Read more
-
Daily CyberSecurity
Cisco Warns of High-Severity SSH Security Flaws in UCS IMC and NDFC Systems
Cisco has issued security advisories for two high-severity vulnerabilities—one in the Cisco Integrated Management Controller (IMC) and the other in the Nexus Dashboard Fabric Controller (NDFC)—both po ... Read more
-
Daily CyberSecurity
Sophos Unmasks Sakura RAT: Hackers Hacking Hackers with Backdoored Malware!
In a recent deep dive, Sophos X-Ops uncovered a sophisticated campaign that’s not targeting enterprises or governments, but instead other hackers and game cheaters. And it all starts with a backdoored ... Read more
-
Daily CyberSecurity
CVE-2025-48947: Session Cookies at Risk in Auth0 Next.js SDK
A serious vulnerability has been uncovered in the widely-used Auth0 Next.js SDK—a library that helps developers implement authentication in their Next.js apps. Tracked as CVE-2025-48947 and rated CVSS ... Read more
-
Daily CyberSecurity
Critical Cisco ISE Cloud Vulnerability (CVSS 9.9) with PoC Exploit Threatens AWS, Azure, OCI
Cisco has patched a critical vulnerability (CVE-2025-20286, CVSS 9.9) that affects cloud-based deployments of its Identity Services Engine (ISE) across AWS, Microsoft Azure, and Oracle Cloud Infrastru ... Read more