CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Windows 0-Day Vulnerability Exploited in the Wild to Deploy Play Ransomware
Threat actors linked to the Play ransomware operation exploited a zero-day vulnerability in Microsoft Windows prior to its patching on April 8, 2025. The vulnerability, tracked as CVE-2025-29824, affe ... Read more
-
The Hacker News
SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version
Vulnerability / IT Service Cybersecurity researchers have disclosed multiple security flaw in the on-premise version of SysAid IT support software that could be exploited to achieve pre-authenticated ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited, Warns CISA
CISA warns of active exploitation of critical Langflow vulnerability (CVE-2025-3248). Critical RCE flaw allows full server takeover. Patch to version 1.3.0 now! In April 2025, cybersecurity researcher ... Read more
-
Daily CyberSecurity
Zero-Day CLFS Vulnerability (CVE-2025-29824) Exploited in Ransomware Attacks
Symantec’s Threat Hunter Team has uncovered a sophisticated attack involving a zero-day privilege escalation vulnerability in Microsoft’s Common Log File System (CLFS) driver — CVE-2025-29824 — active ... Read more
-
The Hacker News
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day to Breach U.S. Organization
Threat actors with links to the Play ransomware family exploited a recently patched security flaw in Microsoft Windows as a zero-day as part of an attack targeting an unnamed organization in the Unite ... Read more
-
BleepingComputer
Microsoft: April updates cause Windows Server auth issues
Microsoft says the April 2025 security updates are causing authentication issues on some Windows Server 2025 domain controllers. The list of impacted platforms includes Windows Server 2016, Windows Se ... Read more
-
Help Net Security
Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)
Google has released fixes for a bucketload of Android security vulnerabilities, including a FreeType flaw (CVE-2025-27363) that “may be under limited, targeted exploitation.” About CVE-2025-27363 CVE- ... Read more
-
Cyber Security News
Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
Elastic has disclosed a critical security vulnerability in Kibana, its popular data visualization platform, that could allow attackers to execute arbitrary code. The vulnerability, identified as CVE-2 ... Read more
-
security.nl
Ubiquiti UniFi Protect-camera's via kritiek lek op afstand over te nemen
Een kritieke kwetsbaarheid maakt het mogelijk voor ongeauthenticeerde aanvallers om Ubiquiti UniFi Protect-camera's op afstand over te nemen. De impact van het beveiligingslek (CVE-2025-23123) is op e ... Read more
-
Cyber Security News
Mirai Botnet Actively Exploiting GeoVision IoT Devices Command Injection Vulnerabilities
The cybersecurity landscape has once again been disrupted by the resurgence of the notorious Mirai botnet, which has been actively exploiting command injection vulnerabilities in discontinued GeoVisio ... Read more