CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
High-Severity Bug: AMD Zen 5 RDSEED Flaw Risks Randomness Integrity; Microcode Fix Coming
In mid-October 2025, engineers discovered an architectural flaw in the AMD Zen 5 series processors related to the RDSEED instruction. Shortly thereafter, a corresponding Linux kernel patch was submitt ... Read more
-
Daily CyberSecurity
The 2026 Surge: Apple’s 15-Product Roadmap Includes Foldable iPhone & AI Smart Home
According to Bloomberg journalist Mark Gurman in his latest Power On newsletter, Apple retail employees have been instructed to prepare for an “overnight refresh” on the evening of November 11 —a move ... Read more
-
Daily CyberSecurity
Kinsing Cryptominer Exploits Apache ActiveMQ RCE (CVE-2023-46604), Adds Sharpire Backdoor for Multi-Stage Intrusion
The AhnLab Security Intelligence Center (ASEC) has confirmed that the Kinsing threat actor — also known as H2Miner — continues to actively exploit known vulnerabilities, particularly CVE-2023-46604 in ... Read more
-
Daily CyberSecurity
Copyright Pivot: Getty Images Partners with Perplexity AI to Tackle Content Attribution
Perplexity AI, the AI-powered search engine, recently announced a multi-year licensing partnership with the world-renowned image provider Getty Images. Through this collaboration, Perplexity will gain ... Read more
-
Daily CyberSecurity
Elastic Patches High-Severity Privilege Escalation Flaw in Elastic Cloud Enterprise (CVE-2025-37736)
Elastic has issued a security advisory addressing a high-severity vulnerability (CVE-2025-37736, CVSS 8.8) in Elastic Cloud Enterprise (ECE) that could allow a readonly user to perform unauthorized op ... Read more
-
The Register
Attackers targeting unpatched Cisco kit notice malware implant removal, install it again
Infosec in brief Australia’s Signals Directorate (ASD) last Friday warned that attackers are installing an implant named “BADCANDY” on unpatched Cisco IOS XE devices and can detect deletion of their w ... Read more
-
CrowdStrike.com
Falcon Defends Against Git Vulnerability CVE-2025-48384
CrowdStrike has identified active exploitation of Git vulnerability CVE-2025-48384. In the observed activity, threat actors combined sophisticated social engineering tactics with malicious Git reposit ... Read more
-
CrowdStrike.com
How Falcon Exposure Management’s ExPRT.AI Predicts What Attackers Will Exploit
Nearly 40,000 vulnerabilities were disclosed in 2024.1 Security teams are overwhelmed, especially those relying on outdated tools. ExPRT.AI, the native intelligence engine embedded in CrowdStrike Falc ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CybersecurityNews
Cybersecurity News Weekly Newsletter – EY Data Leak, Bind 9, Chrome Vulnerability, and Aardvar ChatGPT Agent
This week’s cybersecurity roundup highlights escalating threats from misconfigurations, software flaws, and advanced malware. Key incidents demand immediate attention from IT teams and executives. ISC ... Read more