CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Symfony Patches PATH_INFO Parsing Flaw Leading to Authorization Bypass (CVE-2025-64500)
The Symfony project has released security updates to address a newly disclosed vulnerability affecting its widely used HTTP Foundation component. Tracked as CVE-2025-64500 and rated CVSS 7.3, the flaw ...
-
Daily CyberSecurity
Cisco Warns of High-Severity Privilege Escalation Flaw (CVE-2025-20341) in Catalyst Center Virtual Appliance
A newly disclosed high-severity vulnerability in the Cisco Catalyst Center Virtual Appliance could allow attackers with low-level access to elevate their privileges to full administrative control, acc ...
-
BleepingComputer
Logitech confirms data breach after Clop extortion attack
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July. Logit ...
-
The Register
Fortinet finally cops to critical make-me-admin bug under active exploitation
Fortinet finally published a security advisory on Friday for a critical FortiWeb path traversal vulnerability under active exploitation – but it appears digital intruders got a month's head start. The ...
-
The Cyber Express
Washington Post Confirms Data Breach as CL0P Claims Over 40 Oracle Victims
The Washington Post has confirmed that it was breached by a threat campaign targeting Oracle E-Business Suite vulnerabilities. The Washington Post data breach is one of more than 40 victims claimed by ...
-
hackread.com
CISA Warns of Active Attacks on Cisco ASA and Firepower Flaws
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a strong warning regarding critical vulnerabilities in Cisco’s Adaptive Security Appliances (ASA) and Firepower devices, which ...
-
BleepingComputer
Fortinet confirms silent patch for FortiWeb zero-day exploited in attacks
Fortinet has confirmed that it has silently patched a critical zero-day vulnerability in its FortiWeb web application firewall, which is now "massively exploited in the wild." The announcement follows ...
-
BleepingComputer
Checkout.com snubs hackers after data breach, to donate ransom instead
UK financial technology company Checkout announced that the ShinyHunters threat group has breached one of its legacy cloud storage systems and is now extorting the company for a ransom. The company sa ...
-
The Hacker News
Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks
Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, an ...
-
The Register
CISA flags imminent threat as Akira ransomware starts hitting Nutanix AHV
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued new guidance to organizations on the Akira ransomware operation, which poses an imminent threat to critical sectors. In an upd ...