CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
ToddyCat Hackers Exploit ESET’s Command Line Scanner Vulnerability to Evade Detection
ToddyCat, the notorious APT group, used a sophisticated attack strategy to stealthily deploy malicious code in targeted systems by exploiting a weakness in ESET’s command line scanner. The vulnerabili ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
Cyber Security News
50,000+ WordPress Sites Vulnerable to Privilege Escalation Attacks
In a recent discovery, over 50,000 WordPress sites using the popular “Uncanny Automator” plugin have been found vulnerable to privilege escalation attacks. This alarming flaw allows authenticated user ... Read more
-
Cyber Security News
MediaTek Security Update – Patch for Vulnerabilities Affecting Smartphone, Tablet, & other Devices
MediaTek has released a critical security update addressing multiple vulnerabilities in its chipsets, with one critical flaw that could potentially allow attackers to execute malicious code remotely o ... Read more
-
Cyber Security News
Python JSON Logger Vulnerability Allows Remote Code Execution – PoC Released
A critical vulnerability in the widely-used python-json-logger library has been identified, potentially allowing attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025- ... Read more
-
Help Net Security
WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334)
WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute arbitrary co ... Read more
-
The Hacker News
⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Comeback and More
Threat Intelligence / Cybersecurity Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hid ... Read more
-
InfoSec Write-ups
Remix and React Router Vulnerability CVE-2025–31137 -$$$$ BOUNTY
Disclaimer: This document is for educational purposes only. Exploiting systems without authorization is illegal and punishable by law.Stay ethical. Stay legal. Secure responsibly.Thanks, Everyone for ... Read more
-
Kaspersky
How ToddyCat tried to hide behind AV software
To hide their activity in infected systems, APT groups resort to various techniques to bypass defenses. Most of these techniques are well known and detectable by both EPP solutions and EDR threat-moni ... Read more
-
Cyber Security News
New Sakura RAT Emerges on GitHub, Successfully Evading AV & EDR Protections
A new Remote Access Trojan (RAT) called Sakura has been published on GitHub. Due to its sophisticated anti-detection capabilities and comprehensive system control features, Sakura is raising significa ... Read more