CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
IBM Cloud login breaks for second time this week and Big Blue isn't saying why
IBM isn’t having its best week after the company experienced another cloudy outage and a critical-rated vulnerability. The outage repeated the Tuesday incident that saw users unable to access the cons ... Read more
-
Daily CyberSecurity
CVE-2025-48951: Critical Deserialization Flaw in Auth0 PHP SDK Threatens Millions of Applications
A newly disclosed vulnerability in the Auth0 PHP SDK—a widely-used authentication toolkit with over 16 million downloads—poses a critical threat to web applications that rely on social and enterprise ... Read more
-
Daily CyberSecurity
Cisco Warns of High-Severity SSH Security Flaws in UCS IMC and NDFC Systems
Cisco has issued security advisories for two high-severity vulnerabilities—one in the Cisco Integrated Management Controller (IMC) and the other in the Nexus Dashboard Fabric Controller (NDFC)—both po ... Read more
-
Daily CyberSecurity
Sophos Unmasks Sakura RAT: Hackers Hacking Hackers with Backdoored Malware!
In a recent deep dive, Sophos X-Ops uncovered a sophisticated campaign that’s not targeting enterprises or governments, but instead other hackers and game cheaters. And it all starts with a backdoored ... Read more
-
Daily CyberSecurity
CVE-2025-48947: Session Cookies at Risk in Auth0 Next.js SDK
A serious vulnerability has been uncovered in the widely-used Auth0 Next.js SDK—a library that helps developers implement authentication in their Next.js apps. Tracked as CVE-2025-48947 and rated CVSS ... Read more
-
Daily CyberSecurity
Critical Cisco ISE Cloud Vulnerability (CVSS 9.9) with PoC Exploit Threatens AWS, Azure, OCI
Cisco has patched a critical vulnerability (CVE-2025-20286, CVSS 9.9) that affects cloud-based deployments of its Identity Services Engine (ISE) across AWS, Microsoft Azure, and Oracle Cloud Infrastru ... Read more
-
Daily CyberSecurity
Critical ABB EIBPORT Flaw: Update Now to Prevent Building Automation Hijacks!
ABB has issued a Cyber Security Advisory addressing a critical session management vulnerability affecting its EIBPORT V3 products used in building automation systems. The flaw, tracked as CVE-2024-139 ... Read more
-
Daily CyberSecurity
Multiple Stored XSS Vulnerabilities Discovered in VMware NSX — Patch Now
Broadcom has released important updates addressing three newly disclosed vulnerabilities in VMware NSX, all of which expose users to Stored Cross-Site Scripting (XSS) attacks. These flaws—tracked as C ... Read more
-
The Register
Play ransomware crims exploit SimpleHelp flaw in double-extortion schemes
Groups linked with the Play ransomware have exploited more than 900 organizations, the FBI said Wednesday, and have developed a number of new techniques in their double-extortion campaigns - including ... Read more
-
BleepingComputer
FBI: Play ransomware breached 900 victims, including critical orgs
In an update to a joint advisory with CISA and the Australian Cyber Security Centre, the FBI said that the Play ransomware gang had breached roughly 900 organizations as of May 2025, three times the n ... Read more