CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-27007: Critical OttoKit WordPress Plugin Flaw Exploited After Disclosure, 100K+ Sites at Risk
A newly disclosed critical vulnerability in the popular OttoKit WordPress plugin—with over 100,000 active installations—has placed countless websites at risk of full compromise. Discovered by Denver J ... Read more
-
Daily CyberSecurity
Apple Appeals App Store Ruling in Epic Games Case
Following a court ruling that found Apple had willfully violated market competition laws and granted Epic Games’ recent motion to enforce an injunction, Apple has been compelled to revise its App Stor ... Read more
-
Daily CyberSecurity
CVE-2025-2905 (CVSS 9.1): Critical XXE Vulnerability Found in WSO2 API Manager
A critical security vulnerability has been identified in WSO2 API Manager 2.0.0 and earlier, posing a significant risk to affected deployments. The vulnerability, tracked as CVE-2025-2905 (CVSS 9.1), ... Read more
-
Daily CyberSecurity
CVE-2025-2605 (CVSS 9.9): Critical Vulnerability Found in Honeywell MB-Secure Alarm Panels
Honeywell has issued an urgent security notice (SN 2025-05-01-01) disclosing a critical vulnerability in its MB-Secure and MB-Secure PRO alarm control panels, used in physical security infrastructure ... Read more
-
Daily CyberSecurity
Digigram PYKO-OUT AoIP Devices Exposed to Attacks Due to Missing Default Password
A security vulnerability has been identified in Digigram’s PYKO-OUT audio-over-IP (AoIP) product, raising concerns about its use in applications such as paging, background music, and live announcement ... Read more
-
Daily CyberSecurity
DragonForce Ransomware Cartel Hits UK Retailers with Custom Payloads and Global Extortion Campaign
DragonForce affiliate panel | Image: SentinelOne A disturbing evolution in the ransomware ecosystem has been exposed by cybersecurity firm SentinelOne, which has published an in-depth analysis of the ... Read more
-
Daily CyberSecurity
Critical IBM Cognos Analytics Vulnerabilities Demand Urgent Patching
IBM has released security updates to address two critical vulnerabilities affecting its flagship business intelligence platform, IBM Cognos Analytics, warning that attackers could exploit these flaws ... Read more
-
Daily CyberSecurity
Android Security Bulletin May 2025: Multi Vulnerabilities Including Actively Exploited CVE-2025-27363
Google has released its Android Security Bulletin for May 2025, highlighting a range of high-severity vulnerabilities affecting Android OS components, third-party chipsets, and the popular FreeType li ... Read more
-
Daily CyberSecurity
Langflow Under Attack: CISA Warns of Active Exploitation of CVE-2025-3248
Image: Horizon3.ai The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has officially added CVE-2025-3248 to its Known Exploited Vulnerabilities (KEV) Catalog, citing evidence of active e ... Read more
-
Daily CyberSecurity
CVE-2024-7399: Samsung MagicINFO Vulnerability Now Actively Exploited in the Wild
A critical security vulnerability, CVE-2024-7399, is being actively exploited in the wild in Samsung MagicINFO 9 Server, a content management system (CMS) widely used for managing digital signage disp ... Read more