CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Notepad++ Vulnerability Let Attacker Gains Complete System Control – PoC Released
A severe privilege escalation vulnerability has been discovered in Notepad++ version 8.8.1, potentially exposing millions of users worldwide to complete system compromise. The flaw, designated CVE-202 ...
-
Daily CyberSecurity
Critical Convoy Flaw (CVE-2025-52562, CVSS 10.0): Unauthenticated Remote Code Execution on KVM Servers!
A newly disclosed vulnerability in Convoy, a modern KVM server management panel built for hosting providers, has received the highest possible severity rating—CVSS 10.0—and could allow unauthenticated ...
-
Daily CyberSecurity
From Bypass to Root: Mandiant Red Team Exploits CVE-2025-2171 and CVE-2025-2172 in Aviatrix Cloud Controller
Mandiant successfully breached a fully patched instance of the Aviatrix Controller—a central component in Software-Defined Networking (SDN) architectures—by chaining together multiple vulnerabilities ...
-
Daily CyberSecurity
No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform
Security researcher TheHiker disclosured three serious vulnerabilities in InnoShop, an open-source eCommerce system built on Laravel 12. These issues—ranging from insecure direct object references (ID ...
-
TheCyberThrone
CVE-2025-5777 – Critical Citrix NetScaler Vulnerability
CVE-2025-5777 is a critical out-of-bounds read vulnerability discovered in Citrix NetScaler ADC and NetScaler Gateway. This flaw allows unauthenticated remote attackers to access sensitive memory cont ...
-
Daily CyberSecurity
North Korean Hackers Exploit GitHub and Dropbox in Targeted Spearphishing Attacks
A new report from EnkiWhiteHat has unveiled a sophisticated cyber espionage operation that leverages GitHub private repositories, Dropbox links, and the open-source XenoRAT malware in a campaign targe ...
-
Daily CyberSecurity
Wedding Invitation Scam: SpyMax RAT Targets Indian WhatsApp Users, Stealing OTPs & Banking Credentials
Researchers at K7 Labs have uncovered a highly targeted Android spyware campaign aimed at Indian mobile users, using a seemingly innocent “Wedding Invitation” APK file shared via WhatsApp. Behind the ...
-
The Register
Typhoon-like gang slinging TLS certificate 'signed' by the Los Angeles Police Department
A stealthy, ongoing campaign to gain long-term access to networks bears all the markings of intrusions conducted by China’s ‘Typhoon’ crews and has infected at least 1,000 devices, primarily in the US ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Salt Typhoon Targets Telecoms via Router Flaws, Warn FBI and Canada
A newly released advisory from the FBI and Canada’s Cyber Centre warns of an ongoing cyber espionage campaign by a China-linked group that is targeting telecom networks worldwide. The report, issued J ...
-
Ars Technica
Canadian telecom hacked by suspected China state group
Hackers suspected of working on behalf of the Chinese government exploited a maximum-severity vulnerability, which had received a patch 16 months earlier, to compromise a telecommunications provider i ...