CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
OpenPGP.js Vulnerability Let Attackers Spoof Message Signature Verification
A critical vulnerability in the widely-used OpenPGP.js library has been discovered that allows attackers to forge digital signatures and deceive users into believing malicious content was legitimately ... Read more
-
Cyber Security News
Palo Alto Networks PAN-OS Vulnerability Enables Admin to Execute Root User Actions
A critical command injection vulnerability in Palo Alto Networks PAN-OS operating system enables authenticated administrative users to escalate privileges and execute commands as the root user. Design ... Read more
-
Cyber Security News
Multiple GitLab Vulnerabilities Allow Attackers to Achieve Complete Account Takeover
A series of critical security vulnerabilities across GitLab Community Edition (CE) and Enterprise Edition (EE) platforms that could enable attackers to achieve complete account takeover and compromise ... Read more
-
Daily CyberSecurity
CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks
The Spring project has released a security advisory disclosing a vulnerability in the popular Spring Framework, which could allow attackers to launch Reflected File Download (RFD) attacks under certai ... Read more
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data
Cybersecurity firm Aim Labs has uncovered a serious new security problem, named EchoLeak, affecting Microsoft 365 (M365) Copilot, a popular AI assistant. This flaw is a zero-click vulnerability, meani ... Read more
-
BleepingComputer
GitLab patches high severity account takeover, missing auth issues
GitLab has released security updates to address multiple vulnerabilities in the company's DevSecOps platform, including ones enabling attackers to take over accounts and inject malicious jobs in futur ... Read more
-
Cyber Security News
Trend Micro Apex One Vulnerability Allow Attackers to Inject Malicious Code
Multiple critical security vulnerabilities in the Trend Micro Apex One enterprise security platform could enable attackers to inject malicious code and escalate privileges on affected systems. The com ... Read more
-
The Hacker News
Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial intelligence (AI) vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 Copil ... Read more
-
Cyber Security News
Palo Alto Networks PAN-OS Vulnerability Let Attacker Run Arbitrary Commands as Root User
A newly disclosed command injection vulnerability in Palo Alto Networks’ PAN-OS operating system poses significant security risks to enterprise firewall infrastructures worldwide. The vulnerability, c ... Read more
-
BleepingComputer
Windows 11 24H2 emergency update fixes Easy Anti-Cheat BSOD issue
Microsoft has released an emergency Windows 11 24H2 update to address an incompatibility issue triggering restarts with blue screen of death (BSOD) errors on systems with Easy Anti-Cheat. The out-of-b ... Read more