CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Microsoft Outlook to block more risky attachments used in attacks
Microsoft announced it will expand the list of blocked attachments in Outlook Web and the new Outlook for Windows starting next month. The company said on Monday in a Microsoft 365 Message Center upda ...
-
The Register
Critical Wazuh bug exploited in growing Mirai botnet infection
Cybercriminals are trying to spread multiple Mirai variants by exploiting a critical Wazuh vulnerability, researchers say – the first reported active attacks since the code execution bug was disclosed ...
-
BleepingComputer
Ivanti Workspace Control hardcoded key flaws expose SQL credentials
Ivanti has released security updates to fix three high-severity hardcoded key vulnerabilities in the company's Workspace Control (IWC) solution. IWC helps enterprise admins manage desktops and applica ...
-
security.nl
SAP waarschuwt voor nieuwe kritieke NetWeaver-kwetsbaarheid
SAP waarschuwt opnieuw voor een kritieke kwetsbaarheid in NetWeaver en heeft updates uitgebracht om het probleem te verhelpen. De software blijkt noodzakelijke autorisatiecontroles voor geauthenticeer ...
-
Cyber Security News
Ivanti Workspace Control Vulnerabilities Let Attackers Decrypt Stored SQL Credentials
Ivanti has issued urgent security updates for its Workspace Control platform after discovering three high-severity vulnerabilities that could allow attackers to decrypt stored SQL credentials. The com ...
-
Cyber Security News
Fortinet OS Command Injection Vulnerability Lets Attackers Execute Unauthorised Code on FortiAnalyzer-Cloud
Fortinet, a leading provider of cybersecurity solutions, has recently addressed a significant security vulnerability, CVE-2023-42788, classified as an OS command injection issue under CWE-78. This vul ...
-
Cyber Security News
Critical SAP NetWeaver Vulnerability Let Attackers Bypass Authorization Checks
A critical security vulnerability has been discovered in SAP NetWeaver Application Server for ABAP that allows authenticated attackers to bypass standard authorization checks and escalate their privil ...
-
Cyber Security News
Critical Vulnerability in Lovable’s Security Policies Let Attackers Inject Malicious Code
A severe security vulnerability, designated as CVE-2025-48757, has been discovered in Lovable’s implementation of Row Level Security (RLS) policies, allowing attackers to bypass authentication control ...
-
security.nl
Meerdere botnets misbruiken kritiek lek in beveiligingsplatform Wazuh
Verschillende botnets maken actief misbruik van een kritieke kwetsbaarheid in Wazuh, een opensource-beveiligingsplatform voor het voorkomen en detecteren van dreigingen en incidentrespons. Dat laat in ...
-
Help Net Security
Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)
Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a p ...