CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
VS meldt actief misbruik van beveiligingslek in wifi-routers TP-Link
Aanvallers maken actief misbruik van een kwetsbaarheid in wifi-routers van fabrikant TP-Link, zo waarschuwt het Amerikaanse cyberagentschap CISA. Het beveiligingslek laat een aanvaller op afstand syst ...
-
Cyber Security News
Apache Tomcat Vulnerabilities Allow Authentication Bypass and DoS Attacks
Multiple critical security vulnerabilities affecting Apache Tomcat web servers, including two high-severity flaws enabling denial-of-service (DoS) attacks and one moderate-severity vulnerability allow ...
-
TheCyberThrone
CISA Adds Apple and TP-Link Vulnerabilities to KEV Catalog
On June 16, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities (KEV) Catalog by adding two high-risk vulnerabilities — one affecting Apple d ...
-
Daily CyberSecurity
Windows Hello Update: Microsoft Disables Facial Recognition in the Dark Due to Security Flaw
Facial recognition technology is increasingly prevalent across a variety of scenarios; however, cases of identity fraud continue to surface, highlighting that even facial recognition is not infallible ...
-
Cyber Security News
Hackers Actively Exploiting Langflow RCE Vulnerability to Deploy Flodrix Botnet
Security researchers have uncovered an active cyberattack campaign targeting Langflow servers through CVE-2025-3248, a critical remote code execution vulnerability that allows threat actors to deploy ...
-
Daily CyberSecurity
High-Severity Flaw Exposes ASUS Armoury Crate to Authentication Bypass
Gamers and PC enthusiasts relying on ASUS Armoury Crate to manage their high-performance systems are urged to update immediately following the discovery of a serious security vulnerability. Tracked as ...
-
Daily CyberSecurity
Team46 (TaxOff) Exploits Google Chrome Zero-Day (CVE-2025-2783) in Sophisticated Phishing Campaign
In a major revelation, the Threat Intelligence Department of the Positive Technologies Expert Security Center (PT ESC) has attributed a sophisticated phishing and malware campaign to the APT group Tea ...
-
Daily CyberSecurity
CVE-2025-49596: Critical RCE Vulnerability in MCP Inspector Exposes AI Developer Environments
A newly disclosed security flaw in the MCP Inspector, a tool designed to test and debug Machine Context Protocol (MCP) servers, could allow unauthenticated remote code execution (RCE) — potentially pu ...
-
Daily CyberSecurity
Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer
In June 2025, the SUSE Security Team disclosed critical vulnerabilities in sslh, a lightweight protocol multiplexer used to serve multiple services—such as SSH and HTTPS—on the same port. Though desig ...
-
Daily CyberSecurity
Apache Tomcat Patches 4 Flaws: DoS, Privilege Bypass, & Installer Risks Addressed
The Apache Software Foundation has disclosed four security vulnerabilities affecting multiple versions of Apache Tomcat, the widely used open-source Java servlet container. These flaws—ranging from de ...