CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Critical Vulnerability in Wazuh Server Enables Remote Attackers to Execute Malicious Code
A critical remote code execution (RCE) vulnerability has been discovered in the Wazuh server, a popular open-source security platform used for threat detection and compliance monitoring. Identified as ... Read more
-
The Register
US Cyber Command reportedly pauses cyberattacks on Russia
Infosec In Brief US Defense Secretary Pete Hegseth has reportedly ordered US Cyber Command to pause offensive operations against Russia, as the USA’s Cybersecurity and Infrastructure Security Agency ( ... Read more
-
Cybersecurity News
Windows Hyper-V Zero-Day CVE-2025-21333: PoC Drops, SYSTEM Access Exposed
Security researcher Alessandro Iandoli has published a proof-of-concept (PoC) exploit for CVE-2025-21333, a zero-day vulnerability in Windows Hyper-V that has been actively exploited in attacks. The f ... Read more
-
Cybersecurity News
CVE-2025-27154: Spotipy Vulnerability Exposes Spotify Auth Tokens
Spotipy, a popular Python library for interacting with the Spotify Web API, recently addressed a security vulnerability that could have exposed users’ authentication tokens. The vulnerability, identif ... Read more
-
Cybersecurity News
Extreme Networks Addresses Critical Security Vulnerabilities in HiveOS
Extreme Networks has recently released security advisories to address three critical vulnerabilities affecting its IQ Engine (HiveOS) product line. These vulnerabilities, discovered by Lukas Schauer w ... Read more
-
Cybersecurity News
Webmin Vulnerability Allows Bypassing of SSL Certificate Authentication
A security vulnerability has been discovered in Webmin, a widely used web-based system administration tool for Unix-like servers. The vulnerability, present in Webmin versions 2.202 and below, could a ... Read more
-
Cybersecurity News
Lotus Blossom Hackers Target Southeast Asia with Sagerunex Backdoor
Attack Chain | Image: Cisco TalosA sophisticated cyber espionage operation linked to the Lotus Blossom group has been discovered targeting government, manufacturing, telecommunications, and media sect ... Read more
-
Cybersecurity News
Arista EOS Devices Vulnerable to Unauthorized Data Access and Configuration Changes (CVE-2025-1259 & CVE-2025-1260)
Arista Networks, a leading provider of network switching solutions, has issued a security advisory warning of two vulnerabilities affecting its Extensible Operating System (EOS) software. The vulnerab ... Read more
-
Cybersecurity News
CVE-2024-47051 (CVSS 9.1): Critical RCE and File Deletion Flaws Expose 200,000+ Organizations
The Mautic project has disclosed a severe security vulnerability, CVE-2024-47051, affecting versions before 5.2.3, with a CVSS score of 9.1. This vulnerability, which enables Remote Code Execution (RC ... Read more
-
Cybersecurity News
Critical LDAP Injection Flaw in IBM TXSeries for Multiplatforms
IBM has released a security bulletin addressing a vulnerability in the Apache Derby package shipped with IBM TXSeries for Multiplatforms. The vulnerability, identified as CVE-2022-46337, carries a CVS ... Read more