CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
InfoSec Write-ups
Everything You Need to Know About CVE-2025–3248: Langflow RCE Vulnerability Explained
CVE-2025–3248: Langflow RCE — When Your AI Pipeline Becomes an Attacker’s PlaygroundIntroductionIn today’s fast-evolving AI ecosystem, frameworks like Langflow are becoming increasingly popular for bu ...
-
security.nl
WhatsApp: FreeType-lek gebruikt bij aanvallen met Paragon-spyware
Een kwetsbaarheid in FreeType die in maart door Meta werd geopenbaard is gebruikt bij aanvallen met de Graphite-spyware van Paragon Solutions. Dat heeft WhatsApp tegenover SecurityWeek laten weten. Fr ...
-
cert.pl
TCC Bypass vulnerabilities in two macOS applications
CVE ID CVE-2025-5255 Publication date 20 June 2025 Vendor Core.ai Product Phoenix Code Vulnerable versions All through 4.0.3 Vulnerability type (CWE) Incorrect Default Permissions (CWE-276) Report sou ...
-
The Cyber Express
CVE-2025-49763: Apache Traffic Server Vulnerability Enables Memory Exhaustion Attacks
A security flaw in Apache Traffic Server (ATS) is targeting cloud service providers worldwide. The vulnerability, identified as CVE-2025-49763, exposes affected systems to denial-of-service (DoS) atta ...
-
Cyber Security News
ClamAV 1.4.3 and 1.0.9 Released With Fix for Vulnerabilities that Enable Remote Code Execution
Multiple high-severity vulnerabilities, including a dangerous buffer overflow capable of remote code execution, have been fixed in critical security updates released by the ClamAV team for versions 1. ...
-
Cyber Security News
Apache SeaTunnel Vulnerability Allows Unauthorized Users to Perform Deserialization Attack
Apache SeaTunnel, the widely used distributed data integration platform, has disclosed a significant security vulnerability that enables unauthorized users to execute arbitrary file read operations an ...
-
Daily CyberSecurity
Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover
Last month, a critical vulnerability was reported to Wordfence that now threatens more than 22,000 WordPress websites using the popular Motors automotive dealership theme. Tracked as CVE-2025-4322 and ...
-
Daily CyberSecurity
Microsoft 365 Boosts Security: Legacy File Access Protocols RPS & FrontPage RPC Phased Out July 2025
Microsoft routinely phases out outdated protocols used to access its services, primarily to reduce the potential attack surface. As time passes, older protocols often become vulnerable to flaws and ex ...
-
Daily CyberSecurity
Massive Data Leak: Hacker Allegedly Selling 16 Billion Login Credentials from Major Tech Giants
Since yesterday, reports of a hacker allegedly selling a staggering 16 billion sets of login credentials have swiftly drawn widespread attention. This massive database purportedly involves accounts li ...
-
Cyber Security News
IBM QRadar SIEM Vulnerabilities Allows Attackers to Execute Arbitrary Commands
Multiple high-severity vulnerabilities in IBM QRadar SIEM could allow attackers to execute arbitrary commands and access sensitive data. The most critical flaw, tracked as CVE-2025-33117, carries a CV ...