CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Three High-Severity Privilege Escalation Flaws Patched in Sophos Intercept X for Windows
Sophos has patched three separate high-severity local privilege escalation (LPE) vulnerabilities in its widely used Intercept X for Windows product and its installer. These flaws, identified as CVE-20 ...
-
Daily CyberSecurity
Critical Livewire RCE (CVE-2025-54068) Threatens Millions of Laravel Apps – Patch Immediately!
A critical remote command execution (RCE) vulnerability has been discovered in Livewire, the popular full-stack framework for Laravel. Tracked as CVE-2025-54068, this flaw affects Livewire version 3.6 ...
-
Daily CyberSecurity
Two Vulnerabilities in 7-Zip Could Trigger Denial of Service
Researchers have disclosed two newly identified vulnerabilities in 7-Zip, one of the world’s most widely used open-source file archivers. Both issues—CVE-2025-53816 and CVE-2025-53817—affect versions ...
-
Daily CyberSecurity
ToolShell: New SharePoint RCE Zero-Day Chain Under Active Global Exploitation
Image: CODE WHITE GmbH On the evening of July 18, 2025, Eye Security identified an active, large-scale exploitation of a newly discovered Microsoft SharePoint remote code execution (RCE) vulnerability ...
-
Daily CyberSecurity
DuckDuckGo Battles AI Slop: New Filter Lets Users Hide AI-Generated Images from Search Results
DuckDuckGo, the search engine renowned for its emphasis on privacy protection and user experience, has recently introduced a new image filtering feature aimed at addressing the proliferation of AI-gen ...
-
The Register
Microsoft patches failed to fix on-prem SharePoint, which is now under zero-day attack
Infosec In Brief Microsoft has warned users of SharePoint Server that three on-prem versions of the product include a zero-day flaw that is under attack – and that its own failure to completely fix pa ...
-
Help Net Security
Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770)
Attackers are exploiting a zero-day variant (CVE-2025-53770) of a SharePoint remote code execution vulnerability (CVE-2025-49706) that Microsoft patched earlier this month, the company has confirmed o ...
-
CybersecurityNews
Weekly Cybersecurity Newsletter: Chrome 0-Day, VMware Flaws Patched, Fortiweb Hack, Teams Abuse, and More
It’s been a busy seven days for security alerts. Google is addressing another actively exploited zero-day in Chrome, and VMware has rolled out key patches for its own set of vulnerabilities. We’ll als ...
-
The Hacker News
EncryptHub Targets Web3 Developers Using Fake AI Platforms to Deploy Fickle Stealer Malware
The financially motivated threat actor known as EncryptHub (aka LARVA-208 and Water Gamayun) has been attributed to a new campaign that's targeting Web3 developers to infect them with information stea ...
-
BleepingComputer
Microsoft SharePoint zero-day exploited in RCE attacks, no patch available
A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, has been actively exploited since at least July 18th, with no patch available and at least 85 servers already comp ...