CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
JetBrains Makes Its Language Server Protocol API Free
The integrated development environment (IDE) tools vendor JetBrains has announced changes to its LSP API—the Language Server Protocol interface—which will now be made available free of charge. In July ... Read more
-
CybersecurityNews
Critical Qualcomm Vulnerabilities Allow Attackers to Execute Arbitrary Code Remotely
Multiple critical vulnerabilities in Qualcomm Technologies’ proprietary Data Network Stack and Multi-Mode Call Processor that permit remote attackers to execute arbitrary code. These flaws, tracked as ... Read more
-
CrowdStrike.com
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
Daily CyberSecurity
CVE-2025-57808: ESPHome Web Server Authentication Bypass Exposes Smart Devices
The ESPHome project, a popular open-source firmware framework for ESP32- and ESP8266-based smart home devices, has disclosed a critical vulnerability that undermines basic authentication in its web se ... Read more
-
Daily CyberSecurity
Critical CVE-2025-21483 & CVE-2025-27034 in Qualcomm Modems Score CVSS 9.8
Qualcomm has published its September 2025 Security Bulletin, addressing a wide range of vulnerabilities across its chipsets, connectivity stacks, and automotive platforms. In total, dozens of flaws we ... Read more
-
Daily CyberSecurity
CVE-2025-6203: DoS Flaw in HashiCorp Vault Allows Attackers to Crash Servers
HashiCorp has issued a security advisory for a newly disclosed vulnerability in Vault, its widely used secrets management platform. Tracked as CVE-2025-6203 and rated CVSS 7.5 (High), the flaw could a ... Read more
-
Daily CyberSecurity
A Deceptive Ad Campaign Is Stealing Credentials from the Hospitality Industry
The phishing page prompts for OTP codes sent via SMS | Image: Okta Okta Threat Intelligence is sounding the alarm over a large-scale phishing campaign that has been actively impersonating major player ... Read more
-
Daily CyberSecurity
CVE-2025-58158 Flaw in Harness Gitness Allows Arbitrary File Write
The open-source DevOps ecosystem has been hit with another critical security issue—this time in Harness Open Source, a platform that combines code hosting, automated pipelines, Gitspaces, and artifact ... Read more
-
CrowdStrike.com
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili ... Read more