CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Cisco Addresses High Severity Vulnerabilities in Enterprise Chat and Email, and Meraki MX/Z Series Devices
Cisco has released security advisories addressing vulnerabilities in its Enterprise Chat and Email (ECE) product and its Meraki MX and Z Series devices. These vulnerabilities could allow for denial-of ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
BleepingComputer
Max severity RCE flaw discovered in widely used Apache Parquet
A maximum severity remote code execution (RCE) vulnerability has been discovered impacting all versions of Apache Parquet up to and including 1.15.0. The problem stems from the deserialization of untr ... Read more
-
Dark Reading
China-Linked Threat Group Exploits Ivanti Bug
Source: David Carillet via ShutterstockA likely China-nexus cyber-espionage group is actively exploiting a vulnerability in certain versions of Ivanti's Connect Secure, Policy Secure, and ZTA gateway ... Read more
-
Dark Reading
Disclosure Drama Clouds CrushFTP Vulnerability Exploitation
Aleksey Funtap via Alamy Stock PhotoA critical CrushFTP vulnerability now under exploitation in the wild has become mired in controversy and confusion.On March 31, the Shadowserver Foundation reported ... Read more
-
The Register
Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years
Suspected Chinese government spies have been exploiting a newly disclosed critical bug in Ivanti VPN appliances since mid-March. This is now at least the third time in three years these snoops have be ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more
-
Help Net Security
Ivanti VPN customers targeted via unrecognized RCE vulnerability (CVE-2025-22457)
A suspected Chinese APT group has exploited CVE-2025-22457 – a buffer overflow bug that was previously thought not to be exploitable – to compromise appliances running Ivanti Connect Secure (ICS) 22.7 ... Read more
-
BleepingComputer
Ivanti patches Connect Secure zero-day exploited since mid-March
Ivanti has released security updates to patch a critical Connect Secure remote code execution vulnerability exploited by a China-linked espionage actor to deploy malware since at least mid-March 2025. ... Read more
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ... Read more