CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Mirai Botnet Actively Exploiting GeoVision IoT Devices Command Injection Vulnerabilities
The cybersecurity landscape has once again been disrupted by the resurgence of the notorious Mirai botnet, which has been actively exploiting command injection vulnerabilities in discontinued GeoVisio ... Read more
-
The Cyber Express
Google Rolls Out May 2025 Android Security Bulletin, Fixes 46 Vulnerabilities Including CVE-2025-27363
Google has published its Android Security Bulletin for May 2025, delivering critical updates to the Android ecosystem. This monthly update resolves 46 vulnerabilities, one of which—CVE-2025-27363—has ... Read more
-
security.nl
WordPress-sites aangevallen via kritiek lek in OttoKit-plug-in
WordPress-sites worden aangevallen via een kritieke kwetsbaarheid in de plug-in OttoKit, die eerder nog bekend stond als SureTriggers. Via het beveiligingslek kan een ongeauthenticeerde aanvaller admi ... Read more
-
Cyber Security News
Chrome Security Patch Addresses WebAudio Vulnerability Allowing Code Execution
Google has released a critical security update for Chrome, addressing a vulnerability that could allow attackers to execute malicious code through the browser’s WebAudio component. According to an ann ... Read more
-
The Hacker News
NSO Group Fined $168M for Targeting 1,400 WhatsApp Users With Pegasus Spyware
A federal jury on Tuesday decided that NSO Group must pay Meta-owned WhatsApp WhatsApp approximately $168 million in monetary damages, more than four months after a federal judge ruled that the Israel ... Read more
-
huntress.com
Rapid Response: Samsung MagicINFO 9 Server Flaw
TL;DR: While reports have indicated the latest version of Samsung MagicINFO 9 Server fixes a high-severity flaw (CVE-2024-7399), Huntress has independently verified that the latest version (21.1050.0) ... Read more
-
TheCyberThrone
CISA Adds CVE-2025-27363 to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2025-27363, a critical out-of-bounds write vulnerability in FreeType, to its Known Exploited Vulnerabilities (KEV) Catalog due ... Read more
-
Daily CyberSecurity
CVE-2025-25014 (CVSS 9.1): Prototype Pollution in Kibana Opens Door to Code Execution
Elastic has issued a critical security advisory for Kibana, warning users of a vulnerability tracked as CVE-2025-25014. Scoring a CVSS of 9.1, this flaw stems from a prototype pollution vulnerability ... Read more
-
Daily CyberSecurity
Botnet Exploits Old GeoVision IoT Devices via CVE-2024-6047 & CVE-2024-11120
The Akamai Security Intelligence and Response Team (SIRT) has identified active exploitation of two command injection vulnerabilities — CVE-2024-6047 and CVE-2024-11120 — in discontinued GeoVision IoT ... Read more
-
Daily CyberSecurity
CVE-2025-46728: cpp-httplib Vulnerability Exposes Servers to Denial of Service
The cpp-httplib, a C++11 single-file header-only cross-platform HTTP/HTTPS library known for its ease of setup, is facing a serious security vulnerability. A recently identified flaw, tracked as CVE-2 ... Read more