CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
SSRF Flaw (CVE-2025-6087) in OpenNext for Cloudflare Allows Unauthenticated Content Proxying
A Server-Side Request Forgery (SSRF) vulnerability has been discovered in the @opennextjs/cloudflare package, potentially allowing unauthenticated users to abuse the /_next/image endpoint to proxy arb ...
-
Daily CyberSecurity
Critical Auth Bypass Vulnerability (CVE-2025-51381) Found in KAON KCM3100 Gateways
A critical vulnerability has been disclosed in KAON’s KCM3100 Wi-Fi gateway devices that could allow attackers to bypass authentication controls from within a local network. Tracked as CVE-2025-51381 ...
-
Cyber Security News
RapperBot Botnet Attack Peaks 50,000+ Attacks Targeting Network Edge Devices
The RapperBot botnet has reached unprecedented scale, with security researchers observing over 50,000 active bot infections targeting network edge devices across the globe. This sophisticated malware ...
-
BleepingComputer
CISA warns of attackers exploiting Linux flaw with PoC exploit
CISA has warned U.S. federal agencies about attackers targeting a high-severity vulnerability in the Linux kernel's OverlayFS subsystem that allows them to gain root privileges. This local privilege e ...
-
The Register
Veeam patches third critical RCE bug in Backup & Replication in space of a year
Veeam Backup & Replication users are urged to apply the latest patches that fix another critical bug leading to remote code execution (RCE) on backup servers. Tracked as CVE-2025-23121 with a CVSS v3 ...
-
security.nl
Linux-lek geeft aanvaller roottoegang: "organisaties moeten meteen patchen"
Onderzoekers hebbentwee nieuwe Linux-kwetsbaarheden ontdekt waardoor een niet-geprivilegeerde lokale gebruiker rootrechten kan krijgen. "Gegeven dat udisks overal aanwezig is en de eenvoud van de expl ...
-
The Cyber Express
CISA Flags CVE-2023-0386 as Actively Exploited Linux Kernel Privilege Escalation Threat
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning about the active exploitation of a critical Linux kernel vulnerability, officially listed as CVE-2023-0386. The vulnerabilit ...
-
Help Net Security
Chaining two LPEs to get “root”: Most Linux distros vulnerable (CVE-2025-6018, CVE-2025-6019)
Qualys researchers have unearthed two local privilege escalation vulnerabilities (CVE-2025-6018, CVE-2025-6019) that can be exploited in tandem to achieve root access on most Linux distributions “with ...
-
security.nl
Kritiek Veeam-lek laat aanvaller code op back-upserver uitvoeren
Een kritieke kwetsbaarheid in de software van Veeam maakt het mogelijk voor aanvallers om code op de back-upserver uit te voeren. Het bedrijf heeft een update uitgebracht om het probleem te verhelpen. ...
-
BleepingComputer
BeyondTrust warns of pre-auth RCE in Remote Support software
BeyondTrust has released security updates to fix a high-severity flaw in its Remote Support (RS) and Privileged Remote Access (PRA) solutions that can let unauthenticated attackers gain remote code ex ...