CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
GitLab Releases Security Update to Patch XSS and Account Takeover Flaws
GitLab has issued a security advisory urging users to upgrade their self-managed GitLab installations immediately. The advisory highlights the release of versions 17.11.1, 17.10.5, and 17.9.7 for both ... Read more
-
Daily CyberSecurity
High-Severity SonicWall SSLVPN Vulnerability Allows Firewall Crashing
SonicWall has disclosed a vulnerability affecting its SonicOS SSLVPN Virtual Office interface, which, if exploited, could allow remote attackers to crash firewall appliances. Tracked as CVE-2025-32818 ... Read more
-
Daily CyberSecurity
CVE-2025-32965: Backdoor in xrpl.js SDK Puts Crypto Wallets at Risk
Aikido Intel has issued an urgent alert after detecting a backdoor in multiple versions of xrpl.js, the official SDK for the XRP Ledger, marking one of the most severe supply chain attacks to hit the ... Read more
-
Daily CyberSecurity
CVE-2025-34028: Critical RCE Flaw in Commvault Command Center Scores CVSS 10
Commvault has disclosed a critical vulnerability affecting its Command Center, identified as CVE-2025-34028, with the maximum CVSS score of 10.0. The flaw allows unauthenticated remote attackers to ex ... Read more
-
Daily CyberSecurity
CVE-2024-6235: NetScaler Console Flaw Enables Admin Access, PoC Publishes
A critical vulnerability—CVE-2024-6235—in Citrix NetScaler Console has been dissected by security researcher chutton-r7, revealing a severe unauthenticated session hijack that enables attackers to cre ... Read more
-
Daily CyberSecurity
NVIDIA NeMo Framework: High-Risk Vulnerabilities Allow Remote Code Execution
NVIDIA has issued a security bulletin disclosing three high-severity vulnerabilities in its NeMo Framework, a scalable, cloud-native generative AI platform designed for developers working with Large L ... Read more
-
Daily CyberSecurity
Grafana Patches CVE-2025-3260 and More in Critical Security Update
Grafana Labs has issued security updates for multiple product versions, addressing one high and two medium-severity vulnerabilities affecting Grafana OSS and Enterprise editions. The most serious—CVE- ... Read more
-
Daily CyberSecurity
FormBook Malware Spreads via Sophisticated Phishing Attack
Workflow diagram of this FormBook campaign | Image: FortiGuard Labs A new phishing campaign distributing the FormBook infostealer malware has been uncovered by Fortinet’s FortiGuard Labs, targeting Wi ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
The Register
Ripple NPM supply chain attack hunts for private keys
Many versions of the Ripple ledger (XRPL) official NPM package are compromised with malware injected to steal cryptocurrency. The NPM package, xrpl, is a JavaScript/TypeScript library that devs use to ... Read more