CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Leaked KeyPlug Malware Infrastructure Contains Exploit Scripts to Hack Fortinet Firewall and VPN
A server briefly linked to the notorious KeyPlug malware has inadvertently exposed a comprehensive arsenal of exploitation tools specifically designed to target Fortinet firewall and VPN appliances. T ... Read more
-
BleepingComputer
ASUS warns of critical auth bypass flaw in routers using AiCloud
ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. The vulnera ... Read more
-
BleepingComputer
SonicWall SMA VPN devices targeted in attacks since January
A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arcti ... Read more
-
BleepingComputer
Chinese hackers target Russian govt with upgraded RAT malware
Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. Security researchers at Kaspersky's Glob ... Read more
-
TheCyberThrone
CISA adds Microsoft and Apple vulnerabilities to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, signaling active exploitation in the w ... Read more
-
Dark Reading
Apple Zero-Days Under 'Sophisticated Attack,' but Details Lacking
dpa picture alliance / AlamyTwo Apple zero-day vulnerabilities were exploited in "extremely sophisticated attacks," according to the technology giant, but it has provided little detail on the threats. ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
Cyber Security News
Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released
A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain r ... Read more
-
BleepingComputer
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. Tracke ... Read more