CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Zero Day Initiative
CVE-2025-20281: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability
On January 25th, 2025, the Trend Zero Day Initiative (ZDI) received a report from Kentaro Kawane of GMO Cybersecurity by Ierae regarding a deserialization of untrusted data vulnerability in Cisco Iden ...
-
nextron-systems.com
ToolShell Aftermath: What Defenders Should Do After Patching CVE-2025-53770
The recently exploited SharePoint vulnerability chain known as ToolShell (CVE-2025-53770) has shown once again that patching alone isn’t enough. Attackers gained unauthenticated remote access to vulne ...
-
CybersecurityNews
Multiple Vulnerabilities in Tridium Niagara Framework Let Attacker to Collect Sensitive Data from the Network
Researchers identified 13 critical vulnerabilities in Tridium’s widely-deployed Niagara Framework that could allow attackers to compromise building automation systems and collect sensitive network dat ...
-
security.nl
Shadowserver: kritiek Cisco ISE-lek sinds 5 juli misbruik bij aanvallen
Een kritieke kwetsbaarheid in Cisco Identity Services Engine (ISE) en Cisco ISE Passive Identity Connector (ISE-PIC) is sinds 5 juli misbruikt bij aanvallen, zo stelt The Shadowserver Foundation, een ...
-
CybersecurityNews
Critical VMware Tools VGAuth Vulnerabilities Enable Full System Access for Attackers
Two critical vulnerabilities in the VMware Guest Authentication Service (VGAuth) component of VMware Tools allow local attackers to escalate privileges from any user account to SYSTEM-level access on ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 30
The Good | Authorities Dismantle XSS.is Cybercrime Forum & Release Free Phobos/8Base Decryptor After a 12-year long run, XSS[.]is (formerly DaMaGeLaB) faced major disruptions this week with the arrest ...
-
security.nl
Kritiek lek in wifi-thermostaat kan aanvaller op afstand toegang geven
Wifi-thermostaten van fabrikant Network Thermostat bevatten een kritieke kwetsbaarheid waardoor een aanvaller op afstand volledige administrator-toegang kan krijgen. Er zijn updates uitgebracht om het ...
-
security.nl
LG-beveiligingscamera's via kwetsbaarheid op afstand over te nemen
Dertienhonderd beveiligingscamera's van fabrikant LG Innotek zijn via een kwetsbaarheid op afstand over te nemen. De apparaten zijn end-of-life en LG zal geen beveiligingsupdate uitbrengen om het prob ...
-
CybersecurityNews
Fire Ant Hackers Exploiting Vulnerabilities in VMware ESXi and vCenter to Infiltrate Organizations
A sophisticated espionage campaign dubbed “Fire Ant” demonstrates previously unknown capabilities in compromising VMware virtualization infrastructure. Since early 2025, this threat actor has systemat ...
-
CybersecurityNews
Hackers Exploiting Sharepoint 0-day Vulnerability to Deploy Warlock Ransomware
Microsoft has issued urgent warnings about active exploitation of critical SharePoint vulnerabilities CVE-2025-53770 and CVE-2025-53771 by multiple threat actors, including the China-based group Storm ...