CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Hackers Started Exploiting CitrixBleed 2 Vulnerability Before Public PoC Disclosure
Researchers detected an active exploitation of CVE-2025-5777, dubbed CitrixBleed 2, nearly two weeks before a public proof-of-concept surfaced. This memory overread vulnerability in Citrix NetScaler a ...
-
CybersecurityNews
Cisco Unified Intelligence Center Vulnerability Allows Remote Attackers to Upload Arbitrary Files
A critical vulnerability in Cisco’s Unified Intelligence Center (CUIC) web-based management interface has been classified with high severity, allowing authenticated remote attackers with Report Design ...
-
Kaspersky
GhostContainer backdoor: malware compromising Exchange servers of high-value organizations in Asia
In a recent incident response (IR) case, we discovered highly customized malware targeting Exchange infrastructure within government environments. Analysis of detection logs and clues within the sampl ...
-
The Hacker News
Chinese Hackers Target Taiwan's Semiconductor Sector with Cobalt Strike, Custom Backdoors
The Taiwanese semiconductor industry has become the target of spear-phishing campaigns undertaken by three Chinese state-sponsored threat actors. "Targets of these campaigns ranged from organizations ...
-
CybersecurityNews
Lenovo Vantage Vulnerabilities Allow Attackers to Escalate Privileges as SYSTEM User
A trio of newly disclosed CVE-2025-6230, CVE-2025-6231 and CVE-2025-6232 underscores how a single trusted OEM utility can become a springboard for full machine compromise. Lenovo Vantage, shipped by d ...
-
InfoSec Write-ups
CVE‑2025‑27210 & CVE‑2025‑27209: Two high‑severity vulnerabilities in Node.js
What is this vulnerability?Two high‑severity flaws: CVE‑2025‑27210 and CVE‑2025‑27209 were found in Node.js. The first is a path traversal bypass exploiting Windows device names (CON, PRN, AUX). The s ...
-
InfoSec Write-ups
TryHackMe Room Walkthrough: Billing
🧠 TryHackMe Room Walkthrough: BillingA detailed walkthrough of TryHackMe’s Billing room exploiting CVE-2023–30258 and escalating via fail2ban misconfig4 min read11 hours agoRoom Link: https://tryhackm ...
-
The Hacker News
Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code
Jul 17, 2025Ravie LakshmananVulnerability / Network Security Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity ...
-
TheCyberThrone
CVE-2025-6558 – Chrome Zero-Day Sandbox Escape via GPU Rendering Flaw
Skip to content July 17, 2025Threat OverviewCVE-2025-6558 is a high-risk zero-day vulnerability (CVSS score: 8.8) impacting Google Chrome’s graphics rendering pipeline, specifically within the ANGLE ( ...
-
Daily CyberSecurity
Cloudflare’s 1.1.1.1 DNS Suffers Global Outage Due to Internal Configuration Error
Image: CloudFlare The 1.1.1.1 public DNS service operated by Cloudflare—second in global usage only to Google’s 8.8.8.8—experienced a large-scale worldwide outage on July 14, 2025. The disruption left ...