CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Dark Reading
China-Backed Hackers Target SentinelOne in 'PurpleHaze' Attack Spree
Source: Shane Stickley via Alamy Stock PhotoThreat actors from China targeted a security vendor as part of a spree of attacks against various organizations that occurred in an eight-month period start ...
-
Cyber Security News
Jenkins Gatling Plugin Vulnerability Let Attackers Bypass Content-Security-Policy Protection
A critical cross-site scripting (XSS) vulnerability in the popular Jenkins Gatling Plugin allows attackers to bypass Content-Security-Policy (CSP) protections. The vulnerability, tracked as CVE-2025-5 ...
-
The Hacker News
⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
Cybersecurity / Hacking News Behind every security alert is a bigger story. Sometimes it's a system being tested. Sometimes it's trust being lost in quiet ways—through delays, odd behavior, or subtle ...
-
Daily CyberSecurity
Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!
A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows unauthenticated attackers to take over any user account, including admins. Tracke ...
-
security.nl
Digitale videorecorders TBK aangevallen door Mirai-botnet
Digitale videorecorders van fabrikant TBK zijn het doelwit van een variant van de Mirai-malware, die besmette apparaten onderdeel maakt van een botnet. Dat laat antivirusbedrijf Kaspersky in een analy ...
-
The Register
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks sho ...
-
Cyber Security News
PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution
A new proof-of-concept (PoC) exploit for a critical zero-day vulnerability affecting multiple Fortinet products raises urgent concerns about the security of enterprise network infrastructure. The vuln ...
-
Daily CyberSecurity
Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure
B. Braun Melsungen AG has issued a high-priority security advisory warning of three severe vulnerabilities affecting its OnlineSuite AP 3.0 and earlier, including one rated a maximum CVSS score of 10. ...
-
Daily CyberSecurity
UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack
CERT Polska has sounded the alarm after uncovering a spear phishing campaign that targeted Polish organizations using a critical webmail vulnerability. The campaign is linked to the UNC1151 APT group, ...
-
Daily CyberSecurity
Go Fixes Three Security Flaws: Update Your Apps Now!
The Go team has rolled out versions 1.24.4 and 1.23.10, addressing three critical security vulnerabilities affecting core packages such as net/http, os, and crypto/x509. While these are minor point re ...