CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
InfoSec Write-ups
From Behaviors to Shells: Yii2 PHP Framework RCE | CVE-2024–58136 — Exploit and Mitigation!
3 min readMay 28, 2025CVE-2024–58136 is a critical remote code execution (RCE) vulnerability in the Yii2 PHP framework. It affects applications that allow behaviors to be attached to components using ...
-
InfoSec Write-ups
CVE-2025–49706 — SharePoint Spoofing Vulnerability Under Active Exploitation
A deep dive into CVE-2025–49706 — the SharePoint spoofing flaw now exploited in the wild for stealthy web shell deployment and privilege escalation.4 min read16 hours agoBy Aditya Bhatt — VAPT Special ...
-
BleepingComputer
Microsoft releases emergency patches for SharePoint RCE flaws exploited in attacks
Microsoft has released emergency SharePoint security updates for two zero-day vulnerabilities tracked as CVE-2025-53770 and CVE-2025-53771 that have compromised services worldwide in "ToolShell" attac ...
-
CybersecurityNews
New 7-Zip Vulnerability Enables Malicious RAR5 File to Crash Your System
A critical memory corruption vulnerability in the popular file archiver 7-Zip has been discovered that allows attackers to trigger denial of service conditions by crafting malicious RAR5 archive files ...
-
The Hacker News
Microsoft Releases Urgent Patch for SharePoint RCE Flaw Exploited in Ongoing Cyber Attacks
Microsoft on Sunday released security patches for an actively exploited security flaw in SharePoint and also released details of another vulnerability that it said has been addressed with "more robust ...
-
The Hacker News
Hard-Coded Credentials Found in HPE Instant On Devices Allow Admin Access
Jul 21, 2025Ravie LakshmananNetwork Security / Vulnerability Hewlett-Packard Enterprise (HPE) has released security updates to address a critical security flaw affecting Instant On Access Points tha ...
-
TheCyberThrone
CISA adds CVE-2025-53770 SharePoint Vulnerability to KEV
July 21, 2025SummaryA critical remote code execution (RCE) vulnerability has been discovered in Microsoft SharePoint Server (on-premises versions only). The vulnerability, tracked as CVE-2025-53770, a ...
-
Daily CyberSecurity
Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows
Sophos has patched three separate high-severity local privilege escalation (LPE) vulnerabilities in its widely used Intercept X for Windows product and its installer. These flaws, identified as CVE-20 ...
-
Daily CyberSecurity
Critical Livewire RCE (CVE-2025-54068) Threatens Millions of Laravel Apps – Patch Immediately!
A critical remote command execution (RCE) vulnerability has been discovered in Livewire, the popular full-stack framework for Laravel. Tracked as CVE-2025-54068, this flaw affects Livewire version 3.6 ...
-
Daily CyberSecurity
Two Vulnerabilities in 7-Zip Could Trigger Denial of Service
Researchers have disclosed two newly identified vulnerabilities in 7-Zip, one of the world’s most widely used open-source file archivers. Both issues—CVE-2025-53816 and CVE-2025-53817—affect versions ...