CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-2492: Critical ASUS Router Vulnerability Requires Immediate Firmware Update
ASUS has released a firmware update addressing a critical-severity vulnerability—CVE-2025-2492—with a CVSSv4 score of 9.2. The flaw impacts several ASUS router firmware series with AiCloud enabled and ... Read more
-
Daily CyberSecurity
Larva-24005: Kimsuky’s Global Cyber Espionage Campaign Exploits RDP and Office Flaws
A new cybersecurity report from the AhnLab Security intelligence Center (ASEC) has shed light on a recently identified operation linked to the notorious Kimsuky group. Dubbed “Larva-24005,” this campa ... Read more
-
Daily CyberSecurity
CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild
A severe security vulnerability has been identified in Active! mail, a product of QUALITIA CO., LTD., posing a significant risk to affected systems. The Japan Computer Emergency Response Team (JPCERT) ... Read more
-
Daily CyberSecurity
APT41/RedGolf Infrastructure Briefly Exposed: Fortinet Zero-Days Targeted Shiseido
In a rare window into the operations of an advanced persistent threat, a KeyPlug-linked infrastructure briefly went live, exposing tools and scripts tied to APT41/RedGolf operations. The server, activ ... Read more
-
Daily CyberSecurity
Critical Meshtastic RCE Vulnerability (CVE-2025-24797) Requires Urgent Update
A critical security vulnerability has been disclosed in Meshtastic, the open-source LoRa mesh networking platform known for enabling long-range, low-power communication without cellular or internet co ... Read more
-
cybereason.com
CVE-2025-32433: Unauthenticated RCE Vulnerability in Erlang/OTP’s SSH Implementation
Key Takeaways A critical vulnerability has been discovered in Erlang/OTP, tracked as CVE-2025-32433, and has a CVSS score of 10 (critical). This critical remote code execution (RCE) vulnerability aff ... Read more
-
TheCyberThrone
CVE-2025-2492 impacts ASUS AiCloud Routers
CVE-2025-2492 is a critical authentication bypass vulnerability affecting ASUS routers with AiCloud enabled. This flaw allows remote attackers to execute unauthorized functions on vulnerable devices w ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
Help Net Security
Week in review: LLM package hallucinations harm supply chains, Nagios Log Server flaws fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) Apple has ... Read more