CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CoGUI Phishing Kit: Advanced Evasion Tactics Target Japan
Threat actors using a sophisticated phishing kit called CoGUI have launched a torrent of Japanese-language credential theft campaigns, flooding inboxes with millions of phishing emails each month, acc ... Read more
-
Daily CyberSecurity
CVE-2025-24977: Critical RCE Flaw in OpenCTI Platform Exposes Infrastructure to Root-Level Attacks
A critical security vulnerability has been identified in the OpenCTI Platform, an open-source solution used by organizations to manage cyber threat intelligence. The vulnerability, tracked as CVE-2025 ... Read more
-
Daily CyberSecurity
Critical AWS Amplify Studio Flaw Allows Code Execution – Update Now!
A critical-severity security flaw has been identified in AWS Amplify Studio, specifically within the amplify-codegen-ui package. This vulnerability, tracked as CVE-2025-4318 and with a critical CVSSv4 ... Read more
-
seclists.org
BeyondTrust PRA connection takeover - CVE-2025-0217
Full Disclosure mailing list archives BeyondTrust PRA connection takeover - CVE-2025-0217 From: Paul Szabo via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 7 May 2025 07:01:12 +1000 === ... Read more
-
Dark Reading
Researcher Says Patched Commvault Bug Still Exploitable
Source: T.Schneider via ShutterstockCertain versions of Commvault Command Center remain open to attack via a recently disclosed maximum severity vulnerability, even in supposedly patched builds of the ... Read more
-
Dark Reading
'Easily Exploitable' Langflow Vulnerability Requires Immediate Patching
Source: Alexey Kotelnikov via Alamy Stock PhotoNEWS BRIEFA critical flaw found in the open source Langflow platform was added to the US Cybersecurity and Infrastructure Security Agency’s (CISA's) Know ... Read more
-
BleepingComputer
Apache Parquet exploit tool detect servers vulnerable to critical flaw
A proof-of-concept exploit has been publicly released for a maximum severity Apache Parquet vulnerability, tracked as CVE-2025-30065, making it easy to find vulnerable servers. The tool was released b ... Read more
-
BleepingComputer
Samsung MagicINFO 9 Server RCE flaw now exploited in attacks
Hackers are exploiting an unauthenticated remote code execution (RCE) vulnerability in the Samsung MagicINFO 9 Server to hijack devices and deploy malware. Samsung MagicINFO Server is a centralized co ... Read more
-
BleepingComputer
Critical Langflow RCE flaw exploited to hack AI app servers
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has tagged a Langflow remote code execution vulnerability as actively exploited, urging organizations to apply security updates and mitig ... Read more
-
The Hacker News
Hackers Exploit Samsung MagicINFO, GeoVision IoT Flaws to Deploy Mirai Botnet
Internet of Thing / Vulnerability Threat actors have been observed actively exploiting security flaws in GeoVision end-of-life (EoL) Internet of Things (IoT) devices to corral them into a Mirai botnet ... Read more