CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
CodeQLEAKED – GitHub Supply Chain Attack Allows Code Execution Using CodeQL Repositories
A significant vulnerability in GitHub’s CodeQL actions could have permitted attackers to execute malicious code across hundreds of thousands of repositories. The vulnerability, assigned CVE-2025-24362 ... Read more
-
TheCyberThrone
CISA KEV Catalog Update Part VII – March 2025
CISA’s add vulnerabilities related to Sitecore CMS and Reviewdog GitHub Actions to its Known Exploited Vulnerabilities (KEV) catalog1. Sitecore CMS VulnerabilitiesCISA has identified critical vulnerab ... Read more
-
Cybersecurity News
CVE-2025-2848: Synology Mail Server Vulnerability Allows Remote Configuration Tampering
A recently disclosed vulnerability in Synology Mail Server could allow remote authenticated attackers to tamper with system configurations, potentially impacting the stability of mail services in ente ... Read more
-
Cyber Security News
Exim Use-After-Free Vulnerability Allows Privilege Escalation
A critical security vulnerability has been identified in the widely used Exim mail transfer agent (MTA), potentially allowing attackers with command-line access to escalate privileges on affected syst ... Read more
-
The Hacker News
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
Vulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to it ... Read more
-
Cybersecurity News
Windows Print Glitch Fixed: KB5053657
Microsoft released the optional non-security update (KB5053657) to Windows 10 and 11 yesterday. These updates are typically intended for testing purposes and, if found to be stable, are incorporated i ... Read more
-
The Hacker News
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
Vulnerability / Enterprise Security A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focu ... Read more
-
TheCyberThrone
Google Chrome was affected by CVE-2025-2783
CVE-2025-2783 is a zero-day vulnerability affecting Google Chrome, uncovered in a targeted cyber-espionage campaign known as Operation ForumTroll. This critical flaw has allowed attackers to bypass Ch ... Read more
-
Cybersecurity News
Millions at Risk: PoC Exploit Releases for Vite Arbitrary File Read Flaw (CVE-2025-30208)
Vite, the blazing-fast frontend build tool that powers millions of modern web applications, has been found vulnerable to a file access control bypass flaw that could expose arbitrary file contents to ... Read more
-
Cyber Security News
Splunk RCE Vulnerability Let Attackers Execute Arbitrary Code Via File Upload
Splunk has released patches to address a high-severity Remote Code Execution (RCE) vulnerability affecting Splunk Enterprise and Splunk Cloud Platform. The vulnerability, identified as CVE-2025-20229, ... Read more