CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
SureForms WordPress Plugin Flaw (CVE-2025-6691): Unauthenticated Arbitrary File Deletion Leads to Site Takeover, 200K Sites at Risks
A critical vulnerability in the SureForms WordPress plugin—which has over 200,000 active installations—has exposed websites to a serious threat of arbitrary file deletion, including the potential remo ...
-
Daily CyberSecurity
GitLab Releases Security Updates: XSS and Authorization Bypass Flaws Patched
GitLab has released security updates for its Community Edition (CE) and Enterprise Edition (EE), addressing multiple vulnerabilities that could allow attackers to perform cross-site scripting (XSS) at ...
-
The Hacker News
ServiceNow Flaw CVE-2025-3648 Could Lead to Data Exposure via Misconfigured ACLs
A high-severity security flaw has been disclosed in ServiceNow's platform that, if successfully exploited, could result in data exposure and exfiltration. The vulnerability, tracked as CVE-2025-3648 ( ...
-
huntress.com
Wing FTP Server Remote Code Execution (CVE-2025-47812) Exploited in the Wild
Summary TL;DR: Huntress saw active exploitation of Wing FTP Server remote code execution (CVE-2025-47812) on a customer on July 1, 2025. Organizations running Wing FTP Server should update to the fixe ...
-
seclists.org
Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Tue, 8 Jul 2025 12:02:03 +0200 --------------------------------------------------------------------------------- ...
-
Daily CyberSecurity
Critical D-Link DIR-825 Router Flaw (CVE-2025-7206, CVSS 9.8): Remote Crash Via Buffer Overflow
A newly discovered critical vulnerability (CVE-2025-7206) in the D-Link DIR-825 router running firmware version 2.10 poses a serious threat to home and enterprise networks. The flaw, unearthed by inde ...
-
Daily CyberSecurity
Ruckus Wireless Exposed: 9 Critical Vulnerabilities Leave Wi-Fi Management Systems Wide Open, No Patch!
Multiple critical vulnerabilities have been discovered in Ruckus Wireless’ Virtual SmartZone (vSZ) and Network Director (RND), posing a serious threat to the security of wireless environments in schoo ...
-
Daily CyberSecurity
Opossum Attack: New Vulnerability Compromises Encrypted TLS Connections, Allowing MitM & Data Injection
Opossum attack on HTTPS | Image: Researchers Researchers have unveiled the Opossum Attack, a novel class of desynchronization vulnerabilities that exploits the coexistence of implicit and opportunisti ...
-
Daily CyberSecurity
Critical Vulnerabilities Found in Schneider Electric’s EcoStruxure IT Data Center Expert
Schneider Electric has issued a high-severity security advisory disclosing multiple vulnerabilities affecting its flagship infrastructure management platform, EcoStruxure IT Data Center Expert (DCE), ...
-
seclists.org
KL-001-2025-011: Schneider Electric EcoStruxure IT Data Center Expert Unauthenticated Server-Side Request Forgery
Full Disclosure mailing list archives From: KoreLogic Disclosures via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 9 Jul 2025 17:18:08 -0500 KL-001-2025-011: Schneider Electric EcoStruxu ...