CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Microsoft spotlights Apple bug patched in March as SharePoint exploits continue
Amidst its own failure to fix a couple of bugs now under mass exploitation and being abused for espionage, data theft, and ransomware infections, Microsoft said Monday that it spotted a macOS vulnerab ...
-
BleepingComputer
Microsoft: macOS Sploitlight flaw leaks Apple Intelligence data
Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
macOS Sploitlight Flaw Exposes Apple Intelligence-Cached Data to Attackers
A newly disclosed macOS vulnerability is allowing attackers to bypass Apple’s privacy controls and access sensitive user data, including files cached by Apple Intelligence. Tracked as CVE-2025-31199, ...
-
BleepingComputer
Exploit available for critical Cisco ISE bug exploited in attacks
Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services E ...
-
BleepingComputer
CISA flags PaperCut RCE bug as exploited in attacks, patch now
CISA warns that threat actors are exploiting a high-severity vulnerability in PaperCut NG/MF print management software, which can allow them to gain remote code execution in cross-site request forgery ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Post SMTP Plugin Flaw Allowed Subscribers to Take Over Admin Accounts
If you’re running a WordPress site and rely on the Post SMTP plugin for email delivery, there’s something important you should know. A critical vulnerability is affecting versions 3.2.0 and earlier al ...
-
CybersecurityNews
UNC3886 Hackers Exploiting 0-Days in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS
Singapore’s critical infrastructure is under siege from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group. As of July 2025, the group has been actively targeting essential s ...
-
security.nl
Duizenden WordPress-sites kwetsbaar door kritiek RCE-lek in plug-in
Duizenden WordPress-sites maken gebruik van een plug-in met een kritieke kwetsbaarheid die remote code execution (RCE) door een ongeauthenticeerde aanvaller mogelijk maakt. Een beveiligingsupdate is b ...
-
Hot for Security
French submarine secrets surface after cyber attack
European defence giant Naval Group has confirmed that it is investigating an alleged cyber attack which has seen what purports to be sensitive internal data published on the internet by hackers.Naval ...
-
BleepingComputer
Free Tool Autoswagger Finds The API Flaws Attackers Hope You Miss
APIs: Still Easy Targets in 2025 APIs are the backbone of modern applications - and one of the most exposed parts of an organization’s infrastructure. This makes them a prime target for attackers. One ...