CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
SAP Patch Fixes Critical CVSS 9.6 Flaw in NetWeaver: Privilege Escalation and System Integrity at Risk
SAP’s June 2025 Security Patch Day addressed a total of 14 new vulnerabilities, including a critical issue and several high-severity flaws that demand immediate attention from enterprises relying on S ... Read more
-
Daily CyberSecurity
Microsoft Edge Rolls Out AI-Powered History Search with Privacy Focus
Microsoft is currently rolling out an AI-powered history search feature to users of the Microsoft Edge browser. This functionality enables fuzzy search capabilities, allowing users to locate previousl ... Read more
-
seclists.org
Full Disclosure: CVE-2025-31200 & CVE-2025-31201 – 0-Click iMessage Chain → Secure Enclave Key Theft, Wormable RCE, Crypto Theft
Full Disclosure mailing list archives From: josephgoyd via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 09 Jun 2025 05:22:35 +0000 Hello Full Disclosure, This is a strategic public discl ... Read more
-
Daily CyberSecurity
CVE-2025-4601: Flaw Exposes 33,000+ RealHomes WordPress Sites to Admin Takeover
A critical Privilege Escalation vulnerability has been disclosed in the RealHomes WordPress theme, a popular real estate template with over 33,000 sales on ThemeForest. Tracked as CVE-2025-4601 and ca ... Read more
-
Daily CyberSecurity
CISA Flags Active Exploits in Erlang/OTP SSH and Roundcube Webmail: Critical RCE and XSS Flaws Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, citing confirmed evidence of in-the-wild exploi ... Read more
-
Daily CyberSecurity
Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns
SentinelLABS has unveiled an extensive report detailing a wave of cyber-espionage activity that directly targeted SentinelOne and over 70 other organizations worldwide. Tracked as part of two intercon ... Read more
-
Daily CyberSecurity
CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects
Security researcher Matt Palmer has uncovered a critical vulnerability in the Lovable low-code platform, now tracked as CVE-2025-48757, that allows unauthenticated access and data modification due to ... Read more
-
Daily CyberSecurity
Operation DRAGONCLONE: China Mobile Tietong Hit by Advanced APT Attack
Seqrite Labs APT-Team has uncovered a targeted campaign against China Mobile Tietong Co., Ltd., a prominent subsidiary of China Mobile, using a combination of DLL sideloading, anti-sandbox techniques, ... Read more
-
Daily CyberSecurity
CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems
KUNBUS has issued a critical security advisory for its RevPi Webstatus application following the discovery of an authentication bypass vulnerability identified as CVE-2025-41646. With a CVSS base scor ... Read more
-
Daily CyberSecurity
BladedFeline: Iran-Aligned APT Group Expands Arsenal With Whisper and PrimeCache
In a detailed expose released by ESET, researchers unveiled a sophisticated and persistent cyberespionage campaign by an Iran-aligned APT group dubbed BladedFeline, a suspected subgroup of the notorio ... Read more