CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2)
Full Disclosure mailing list archives Exploit CVE-2019-9978: Remote Code Execution in Social Warfare WordPress Plugin (<= 3.5.2) From: Housma mardini <housma () gmail com> Date: Fri, 30 May 2025 13:31 ... Read more
-
security.nl
Androidlekken kunnen malafide apps ongemerkt meer permissies geven
Verschillende kwetsbaarheden in Android maken het mogelijk voor malafide apps om ongemerkt meer permissies te krijgen. Google heeft updates uitgebracht om de problemen te verhelpen. Tijdens de patchro ... Read more
-
security.nl
VS meldt actief misbruik van kwetsbaarheden in Craft CMS
Aanvallers maken actief misbruik van twee kwetsbaarheden in Craft CMS, een contentmanagementsysteem voor het opzetten van websites, vergelijkbaar met WordPress. Dat meldt het Cybersecurity and Infrast ... Read more
-
Cyber Security News
Splunk Universal Forwarder on Windows Lets Non-Admin Users Access All Contents
A high-severity vulnerability was uncovered in Splunk Universal Forwarder for Windows that compromises directory access controls. The flaw, designated CVE-2025-20298 with a CVSSv3.1 score of 8.0, affe ... Read more
-
CrowdStrike.com
May 2025 Patch Tuesday: Five Zero-Days and Five Critical Vulnerabilities Among 72 CVEs
Microsoft has addressed 72 vulnerabilities in its May 2025 security update release. This month's patches include fixes for five actively exploited zero-day vulnerabilities, including a zero-day vulner ... Read more
-
The Register
Illicit crypto-miners pouncing on lazy DevOps configs that leave clouds vulnerable
Up to a quarter of all cloud users are at risk of having their computing resources stolen and used to illicitly mine for cryptocurrency, after crims cooked up a campaign that targets publicly accessib ... Read more
-
Schneier on Security
New Linux Vulnerabilities
They’re interesting: Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools ... Read more
-
BleepingComputer
Google patches new Chrome zero-day bug exploited in attacks
Google has released an emergency security update to fix the third Chrome zero-day vulnerability exploited in attacks since the start of the year. "Google is aware that an exploit for CVE-2025-5419 exi ... Read more
-
Cyber Security News
SolarWinds Dameware Remote Control Service Vulnerability Allows Privilege Escalation
A significant vulnerability, CVE-2025-26396, affects the SolarWinds Dameware Mini Remote Control Service could allow attackers to escalate privileges on affected systems. Security researcher Alexander ... Read more
-
Daily CyberSecurity
BitoPro Silent on $11.5M Hack: Investigator Uncovers Massive Crypto Theft
Cryptocurrency investigator @zachxbt, while analyzing on-chain transactions, uncovered a suspicious movement of funds linked to the Taiwanese cryptocurrency exchange BitoPro. Approximately $11.5 milli ... Read more