CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Curly COMrades APT Bypasses EDR by Hiding Linux Backdoor Inside Covert Hyper-V VM
In collaboration with the Georgian CERT, researchers from Bitdefender have uncovered a new wave of cyber-espionage activity conducted by a Russian-aligned threat group known as Curly COMrades, which l ... Read more
-
Daily CyberSecurity
High-Severity NVIDIA App Flaw (CVE-2025-23358) Allows Local Privilege Escalation on Windows
NVIDIA has released an important software security update for the NVIDIA App on Windows systems, addressing a high-severity local privilege escalation vulnerability (CVE-2025-23358) that could allow a ... Read more
-
Daily CyberSecurity
CISA Warns: Critical Survision LPR Camera Flaw (CVE-2025-12108, CVSS 9.8) Allows Unauthenticated Takeover
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory warning about a critical vulnerability affecting all versions of Survision License Plate Recognition (LPR) cameras, w ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
BleepingComputer
CISA warns of critical CentOS Web Panel bug exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning that threat actors are exploiting a critical remote command execution flaw in CentOS Web Panel (CWP). The agency has added the ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CybersecurityNews
Windows Cloud Files Mini Filter Driver Vulnerability Exploited to Escalate Privileges
A privilege escalation flaw in Windows Cloud Files Mini Filter Driver has been discovered, allowing local attackers to bypass file write protections and inject malicious code into system processes. Se ... Read more
-
CybersecurityNews
AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks
A critical security vulnerability in the AI Engine WordPress plugin has put more than 100,000 active installations at risk of privilege escalation attacks. The flaw, tracked as CVE-2025-11749 with a C ... Read more