CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
FortiWeb Authentication Bypass Vulnerability Exploited – Script to Detect Vulnerable Appliances
Threat actors are actively exploiting a critical authentication bypass vulnerability in Fortinet’s FortiWeb web application firewall (WAF) worldwide, prompting defenders to heighten vigilance. Researc ...
-
Daily CyberSecurity
Critical ASUS DSL Router Flaw (CVE-2025-59367, CVSS 9.3) Allows Unauthenticated Remote Access
ASUS has released an urgent security advisory addressing a critical authentication bypass vulnerability affecting several models in its DSL Series Router lineup. The flaw, tracked as CVE-2025-59367 wi ...
-
seclists.org
Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: Patrick via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 07 Nov 2025 15:27:43 +0000 Hello Jan, You are completely right and it’s something I w ...
-
seclists.org
APPLE-SA-11-13-2025-1 Compressor 4.11.1
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 13 Nov 2025 12:57:50 -0800 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ...
-
seclists.org
Re: 83 vulnerabilities in Vasion Print / PrinterLogic
Full Disclosure mailing list archives From: Pierre Kim <pierre.kim.sec () gmail com> Date: Tue, 11 Nov 2025 10:28:50 -0500 Hello, VulnCheck has assigned the following CVEs to the previously disclosed ...
-
Daily CyberSecurity
High-Severity NVIDIA NeMo Framework Flaws Allow Code Injection and Privilege Escalation in AI Pipelines
NVIDIA has released an important security update for its NeMo Framework, addressing two high-severity vulnerabilities that expose AI developers and machine-learning pipelines to risks including arbitr ...
-
Daily CyberSecurity
Amazon Exposes Advanced APT Exploiting Cisco ISE (RCE) and Citrix Bleed Two as Simultaneous Zero-Days
The Amazon Threat Intelligence team has uncovered a highly sophisticated threat campaign exploiting multiple zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems, demons ...
-
Daily CyberSecurity
Critical Zoho Analytics Plus Flaw (CVE-2025-8324, CVSS 9.8) Allows Unauthenticated SQL Injection and Data Takeover
Zoho Corporation has released an urgent security advisory addressing a critical severity SQL injection vulnerability affecting Analytics Plus on-premise installations. Tracked as CVE-2025-8324 with a ...
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ...
-
BleepingComputer
CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks. An updated joint advisory from CISA, the FBI, the Department ...