CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
New TP-Link zero-day surfaces as CISA warns other flaws are exploited
TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple router models, as CISA warns that other router flaws have been exploited in attacks. The zero-day vulnerab ... Read more
-
The Register
Windows starts asking for admin rights where it shouldn't after security fix
Microsoft's August 2025 Windows Security Update is causing pain for administrators after a fix for a vulnerability led to some unintended consequences. The fix was related to CVE-2025-50173, which add ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
TheCyberThrone
Critical Sitecore Zero-Day Flaw
September 4, 2025IntroductionOn September 3, 2025, a critical zero-day vulnerability (CVE-2025-53690) in the Sitecore Experience Platform sent shockwaves through the enterprise content management comm ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
cert.pl
Vulnerability in Concept Intermedia GOV CMS software
Vulnerability in Concept Intermedia GOV CMS software CVE ID CVE-2025-7385 Publication date 04 September 2025 Vendor Concept Intermedia Product GOV CMS Vulnerable versions All before 4.0 Vulnerability ... Read more
-
Help Net Security
macOS vulnerability allowed Keychain and iOS app decryption without a password
Today at Nullcon Berlin, a researcher disclosed a macOS vulnerability (CVE-2025-24204) that allowed attackers to read the memory of any process, even with System Integrity Protection (SIP) enabled. Th ... Read more
-
The Cyber Express
Django Web Vulnerability Exposes Applications to High-Risk SQL Injection – CVE-2025-57833
A serious Django web vulnerability has been identified, prompting immediate action from the Django web framework development team. The flaw, officially registered as CVE-2025-57833, affects the Filter ... Read more
-
BleepingComputer
Microsoft says recent Windows updates cause app install issues
Microsoft says the August 2025 security updates are triggering unexpected User Account Control (UAC) prompts and app installation issues for non-admin users across all supported Windows versions. This ... Read more
-
Help Net Security
Sitecore zero-day vulnerability exploited by attackers (CVE-2025-53690)
A threat actor is leveraging a zero-day vulnerability (CVE-2025-53690) and an exposed sample ASP.NET machine key to breach internet-facing, on-premises deployments of several Sitecore solutions, Mandi ... Read more