CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Hackers Exploit MS Equation Editor Vulnerability to Deploy XLoader Malware
A sophisticated phishing campaign exploiting a nearly 8-year-old Microsoft Office vulnerability to distribute the dangerous XLoader information stealer. The attack leverages CVE-2017-11882, a memory c ... Read more
-
Cyber Security News
Samsung MagicINFO Vulnerability Allows Remote Code Execution Without Valid User
A critical security vulnerability has been discovered in Samsung’s MagicINFO digital signage management platform that could allow attackers to execute arbitrary code with system-level privileges witho ... Read more
-
Cyber Security News
Firefox 138 Released With Fix for Multiple High-Severity Vulnerabilities
Mozilla has released Firefox 138, addressing several high-severity security vulnerabilities while introducing long-awaited features, including improved profile management. Security researchers identif ... Read more
-
The Cyber Express
Ukraine Reports 48% Jump in Cyber Incidents in H2 2024, but 77% Drop in High-Severity Incidents
In Ukraine, cyber warfare is no longer just code and servers. It’s frontline infrastructure, psychological warfare, and kinetic attacks rolled into one. According to the Computer Emergency Response Te ... Read more
-
Cyber Security News
Zimbra Collaboration Server GraphQL Vulnerability Exposes Sensitive User Data
A critical Cross-Site Request Forgery (CSRF) vulnerability in Zimbra Collaboration Server (ZCS) versions 9.0 through 10.1, tracked as CVE-2025-32354, allows attackers to execute unauthorized GraphQL o ... Read more
-
Cyber Security News
Docker Registry Vulnerability Lets MacOS Users Pull Images from Any Registry
A newly disclosed vulnerability in Docker Desktop’s Registry Access Management (RAM) feature has left macOS users vulnerable to unauthorized image pulls, undermining critical container security contro ... Read more
-
Cyber Security News
PowerDNS DNSdist Vulnerability Let Attackers Cause Denial of Service Condition
A high-severity vulnerability (CVE-2025-30194) in PowerDNS DNSdist, a widely used DNS load balancer and security tool, enables remote attackers to trigger denial-of-service (DoS) conditions by exploit ... Read more
-
Cyber Security News
CISA Warns SAP 0-day Vulnerability Exploited in the Wild
CISA has added a critical SAP NetWeaver vulnerability to its Known Exploited Vulnerabilities (KEV) catalog on April 29, 2025. The zero-day flaw, tracked as CVE-2025-31324, carries a maximum CVSS score ... Read more
-
Cyber Security News
Avast Antivirus Vulnerability Let Attackers Escalate Privileges
Security researchers have disclosed a critical vulnerability in Avast Free Antivirus that could allow attackers to gain elevated system privileges and execute malicious code with kernel-level access. ... Read more
-
InfoSec Write-ups
CISA Sounds the Alarm: Broadcom and Commvault Flaws Under Active Exploitation! ️
Photo by Mika Baumeister on UnsplashBuckle up, cybersecurity enthusiasts! The U.S. Cybersecurity and Infrastructure Security Agency (CISA) just dropped a bombshell by adding two critical vulnerabiliti ... Read more