CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Zero-Click Samsung Zero-Day (CVE-2025-21042) Delivered LANDFALL Spyware Via Malicious DNG Images
Researchers from Unit 42, the threat intelligence team at Palo Alto Networks, have discovered a previously unknown Android spyware family dubbed LANDFALL, which leveraged a zero-day vulnerability (CVE ... Read more
-
Daily CyberSecurity
CVE-2025-64439: RCE Flaw Detected in LangGraph: Agent Orchestration Framework at Risk
The LangGraph project, a powerful, low-level orchestration framework trusted by major tech companies for building stateful AI agents, has issued a high-severity security advisory for a Remote Code Exe ... Read more
-
Daily CyberSecurity
High-Severity Elastic Defend Flaw (CVE-2025-37735) Allows Local Attackers to Delete Arbitrary Files as SYSTEM
Elastic has released security updates to address a serious flaw in Elastic Defend, its endpoint protection component within the Elastic Security suite. Tracked as CVE-2025-37735, the vulnerability is ... Read more
-
Daily CyberSecurity
China APT Infiltrates US Policy Nonprofit in Months-Long Espionage Campaign Using DLL Sideloading
A new investigation by the Broadcom Threat Hunter Team has uncovered a China-linked cyber espionage campaign that infiltrated a U.S.-based nonprofit organization involved in influencing U.S. governmen ... Read more
-
Daily CyberSecurity
MSP Nightmare: Medusa & DragonForce Exploit SimpleHelp RMM Flaws for SYSTEM Access
Image: Zensec A new report from Zensec has exposed a critical vulnerability in the IT supply chain, detailing how two major Ransomware-as-a-Service (RaaS) groups, Medusa and DragonForce, are actively ... Read more
-
Daily CyberSecurity
PoC Exploit Released for CVE-2025-55680 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Flaw
Security researchers from TyphoonPWN, the Windows PE Winner team, in collaboration with SSD Secure Disclosure, have uncovered a time-of-check to time-of-use (TOCTOU) race condition affecting the Windo ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CybersecurityNews
Cybersecurity News Weekly Newsletter – Android and Cisco 0-Day, Teams Flaws, HackedGPT, and Whisper Leak
Welcome to this week’s edition of the Cybersecurity News Weekly Newsletter, where we dissect the latest threats shaking the digital landscape. As cyber risks evolve faster than ever, staying ahead mea ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
BleepingComputer
Dangerous runC flaws could allow hackers to escape Docker containers
Three newly disclosed vulnerabilities in the runC container runtime used in Docker and Kubernetes could be exploited to bypass isolation restrictions and get access to the host system. The security is ... Read more