CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
SAP NetWeaver 0-day Vulnerability Exploited in the Wild to Deploy Webshells
A wave of targeted cyberattacks has exposed a previously unknown vulnerability in SAP NetWeaver, allowing attackers to deploy malicious JSP webshells and gain unauthorized access to enterprise systems ... Read more
-
Cyber Security News
Lazarus APT Attacking Organizations by Exploiting One-Day vulnerabilities
Cybersecurity experts have identified a sophisticated campaign by the North Korean state-sponsored Lazarus APT group targeting critical infrastructure and financial organizations worldwide. The threat ... Read more
-
Daily CyberSecurity
CVE-2025-31324 (CVSS 10): Zero-Day in SAP NetWeaver Exploited in the Wild to Deploy Webshells and C2 Frameworks
A critical zero-day vulnerability affecting SAP NetWeaver Visual Composer MetadataUploader, now tracked as CVE-2025-31324, is being actively exploited in the wild to compromise enterprise and governme ... Read more
-
Daily CyberSecurity
Microsoft’s Patch for Symlink Exploit Introduces New Windows Update DoS Flaw
Image: Kevin Beaumont Previously, in an effort to patch security vulnerability (CVE-2025–21204) within the Windows operating system, Microsoft began creating an empty folder named inetpub in the syste ... Read more
-
Daily CyberSecurity
Perplexity Eyes Chrome as DOJ Pressures Google Over Antitrust
In addition to OpenAI expressing interest in acquiring Google’s Chrome browser business, Perplexity.ai has also signaled its intent to pursue such a deal. During testimony in the U.S. Department of Ju ... Read more
-
Daily CyberSecurity
CVE-2024-2787: Apple Archive Flaw Enables Arbitrary File Write and Gatekeeper Bypass, PoC Releases
A newly disclosed vulnerability in Apple’s proprietary libAppleArchive library, tracked as CVE-2024-27876, enables attackers to achieve arbitrary file writes on macOS and iOS systems, with the added p ... Read more
-
Daily CyberSecurity
ToyMaker’s Playbook: Cisco Talos Exposes IAB Tactics Leading to Cactus Ransomware
Image: Cisco Talos Cisco Talos’ 2023 incident response report unveils the operations of “ToyMaker,” a financially motivated Initial Access Broker (IAB) whose behind-the-scenes activity opened the floo ... Read more
-
Dark Reading
Max-Severity Commvault Bug Alarms Researchers
Source: T. Schneider via ShutterstockSecurity researchers have raised concerns about a maximum severity bug in certain versions of Commvault's Command Center that enables an unauthenticated remote att ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
The Register
Microsoft mystery folder fix might need a fix of its own
Turns out Microsoft's latest patch job might need a patch of its own, again. This time, the culprit is a mysterious inetpub folder quietly deployed by Redmond, now hijacked by a security researcher to ... Read more