CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Fortinet Warns of Active Exploitation of FortiOS SSL VPN 2FA Bypass Vulnerability
Dec 25, 2025Ravie LakshmananVulnerability / Enterprise Security Fortinet on Wednesday said it observed "recent abuse" of a five-year-old security flaw in FortiOS SSL VPN in the wild under certain co ...
-
The Hacker News
CISA Flags Actively Exploited Digiever NVR Vulnerability Allowing Remote Code Execution
Dec 25, 2025Ravie LakshmananVulnerability / Endpoint Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting Digiever DS-2105 Pro network video reco ...
-
CybersecurityNews
Hackers Exploiting Three-Year-Old FortiGate Vulnerability to Bypass 2FA on Firewalls
Cybercriminals are actively abusing a long-patched Fortinet FortiGate flaw from July 2020, slipping past two-factor authentication (2FA) on firewalls and potentially granting unauthorized access to VP ...
-
Daily CyberSecurity
The AMX Lockdown: Critical KVM Bug Allows Guest VMs to Crash Linux Hosts
An unpleasant flaw surfaced in Linux—one capable of causing serious headaches for server administrators, particularly in public cloud environments. The issue arises when a KVM guest virtual machine us ...
-
Daily CyberSecurity
Hackers Revive 2020 FortiGate Flaw to Bypass 2FA
Fortinet has issued a warning regarding the active exploitation of a three-year-old vulnerability that allows attackers to bypass two-factor authentication (2FA) on FortiGate firewalls simply by chang ...
-
Daily CyberSecurity
High-Severity Flaws in TeamViewer DEX Allow Attackers to Hijack Nomad Services
TeamViewer has issued important security bulletins addressing multiple vulnerabilities across its Digital Employee Experience (DEX) product line (formerly 1E). The updates patch high-severity flaws in ...
-
Daily CyberSecurity
ChatGPT Atlas Under Guard: OpenAI Fortifies Browser Agent Against “Prompt Injection” Attacks
As artificial intelligence begins to browse the web on our behalf, the battleground for security is shifting from servers to our own browser tabs. OpenAI has deployed a critical security update for it ...
-
Daily CyberSecurity
The “lc” Leak: Critical 9.3 Severity LangChain Flaw Turns Prompt Injections into Secret Theft
A critical vulnerability was found in LangChain, the popular open-source framework used to power Large Language Model (LLM) agents. The flaw, tracked as CVE-2025-68664, carries a severe CVSS score of ...
-
Daily CyberSecurity
Zimbra Under Siege: High-Severity LFI Vulnerability Exposes Internal Files to Unauthenticated Attackers
Administrators of the popular Zimbra Collaboration Suite (ZCS) are being urged to patch immediately after the discovery of two distinct security vulnerabilities. The most severe of the pair allows una ...
-
Daily CyberSecurity
The Ghost in the Market: Unmasking “Fly,” the Secret Architect of the Infamous Russian Market
For over a decade, Russian Market has stood as a pillar of the cybercrime underground, a sprawling bazaar where stolen digital identities, browser cookies, and remote access credentials are sold by th ...