CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Hacker selling critical Roundcube webmail exploit as tech info disclosed
Hackers are likely starting to exploit CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. The security issue has been p ... Read more
-
TheCyberThrone
CVE-2025-20286 Credential Reuse Vulnerability in Cisco ISE
CVE-2025-20286 is a critical security vulnerability identified in Cisco Identity Services Engine (ISE) when deployed on certain cloud platforms, including:Amazon Web Services (AWS)Microsoft AzureOracl ... Read more
-
InfoSec Write-ups
️ Inside the 160-Comment Fight to Fix SnakeYAML’s RCE Default
How a 5-year-old deserialization flaw, a vacation phone call, and some persistence led to a safer Java ecosystem“I’ve Seen This Before”: Rediscovering an Old Vulnerability in New CodeThis whole story ... Read more
-
cert.pl
UNC1151 exploiting Roundcube to steal user credentials in a spearphishing campaign
CERT Polska has observed a spear phishing campaign targeting Polish entities this week. The threat actor attempted to exploit the CVE-2024-42009 vulnerability, which allows JavaScript code to be execu ... Read more
-
cert.pl
Vulnerability in 2ClickPortal software
CVE ID CVE-2025-4568 Publication date 05 June 2025 Vendor Trol InterMedia Product 2ClickPortal Vulnerable versions All before 7.14.3 Vulnerability type (CWE) Improper Neutralization of Special Element ... Read more
-
Cyber Security News
Play Ransomware Hacked 900 Organizations, CISA Released TTPs & IOCs
Federal authorities have revealed that the notorious Play ransomware group has successfully breached approximately 900 organizations worldwide as of May 2025, marking a dramatic escalation in cybercri ... Read more
-
Kaspersky
IT threat evolution in Q1 2025. Non-mobile statistics
IT threat evolution in Q1 2025. Non-mobile statistics IT threat evolution in Q1 2025. Mobile statistics The statistics in this report are based on detection verdicts returned by Kaspersky products unl ... Read more
-
Cyber Security News
Cisco ISE Vulnerability Allows Remote to Access Sensitive Data – PoC Exploit Available
A critical vulnerability affecting its Identity Services Engine (ISE) when deployed on major cloud platforms, warning that proof-of-concept exploit code is now publicly available. The flaw, tracked as ... Read more
-
Cyber Security News
Wireshark Vulnerability Enables DoS Attack Through Malicious Packet Injection
A critical vulnerability in the popular network protocol analyzer Wireshark has been discovered, allowing attackers to trigger denial-of-service (DoS) attacks through packet injection or the use of ma ... Read more
-
security.nl
Cisco waarschuwt voor kritiek ISE-beveiligingslek door statisch wachtwoord
Cisco waarschuwt organisaties voor een kritieke kwetsbaarheid in de Identity Services Engine (ISE) die wordt veroorzaakt door een statisch wachtwoord. Een ongeauthenticeerde aanvaller kan met dit wach ... Read more