CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
InfoSec Write-ups
Your NTLM Hashes at Risk: Inside CVE‑2025‑24054
😱 Your NTLM Hashes at Risk: Inside CVE‑2025‑24054CVE‑2025‑24054NTLM (New Technology LAN Manager) is Microsoft’s legacy authentication suite, still found in many enterprise environments. NTLMv2 improve ... Read more
-
CVSS 10.0 Critical Vulnerability in Erlang/OTP’s SSH: Unauthenticated Remote Code Execution Risk
A critical security vulnerability (CVE-2025–32433) with a CVSS score of 10.0 has been identified in the SSH implementation of Erlang/OTP, a platform widely used in distributed, fault-tolerant systems ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
Daily CyberSecurity
Global Zoom Outage Caused by Domain Registry Error at GoDaddy
On Wednesday afternoon Eastern Time, Zoom, the widely used remote video conferencing platform, experienced a massive and global outage. During the disruption, users were met with error messages indica ... Read more
-
Daily CyberSecurity
OpenAI Introduces Flex API for More Affordable AI Model Access
OpenAI’s API pricing is generally considered relatively high—for instance, the latest o3 and o4-mini APIs are significantly more expensive than comparable offerings from competing providers. Although ... Read more
-
Cyber Security News
CISA Warns of Multiple Apple 0-day Vulnerabilities Actively Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding multiple Apple 0-day vulnerabilities currently being actively exploited in targeted attacks. These c ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
CrowdStrike.com
April 2025 Patch Tuesday: One Zero-Day and 11 Critical Vulnerabilities Among 121 CVEs
Microsoft has addressed 121 vulnerabilities in its April 2025 security update release. This month's patches include fixes for one actively exploited zero-day vulnerability and 11 Critical vulnerabilit ... Read more
-
The Hacker News
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
Windows Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited V ... Read more