CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2025-27554 (CVSS 9.9): Critical Flaw Found in ToDesktop Electron App Bundler
A recently disclosed vulnerability in ToDesktop, an Electron app bundler service, could have allowed attackers to execute arbitrary commands on the build server and deploy unauthorized updates to appl ... Read more
-
Cybersecurity News
Cellebrite Spyware Bypasses Android Lock Screens with Zero-Day Flaws
Israeli digital intelligence company Cellebrite offers intelligence gathering and forensic review services to its clients. Additionally, the company provides certain undisclosed zero-day vulnerabiliti ... Read more
-
BleepingComputer
Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks
Microsoft had discovered five Paragon Partition Manager BioNTdrv.sys driver flaws, with one used by ransomware gangs in zero-day attacks to gain SYSTEM privileges in Windows. The vulnerable drivers we ... Read more
-
security.nl
Amnesty: Cellebrite gebruikte Android usb-lek voor ontgrendelen telefoons
Ontwikkelaar van forensische software Cellebrite heeft drie kwetsbaarheden in de usb-kerneldrivers van Android gebruikt voor het ontgrendelen van vergrendelde telefoons, zo meldt mensenrechtenorganisa ... Read more
-
TheCyberThrone
CVE-2025-20059 impacts Ping Identity
CVE-2025-20059 represents a critical security vulnerability known as a Relative Path Traversal flaw, which impacts the Ping Identity PingAM Java Policy Agent. This vulnerability allows for parameter i ... Read more
-
Cybersecurity News
CVE-2024-53675: PoC Exploit Released for HPE Insight RS XML Injection Flaw
Security researcher Robin recently disclosed details and a PoC exploit code of an XML external entity injection (XXE) vulnerability, tracked as CVE-2024-53675, affecting HPE Insight Remote Support (In ... Read more
-
TheCyberThrone
CVE-2025-27364 affects MITRE Caldera
CVE-2025-27364 is a critical Remote Code Execution (RCE) vulnerability identified in MITRE Caldera, a highly regarded cybersecurity platform used for adversary emulation, detection evaluation, and tra ... Read more
-
Cyber Security News
Android Phone’s Unlocked Using Cellebrite’s Linux USB Zero-day Exploit
Amnesty International’s Security Lab has uncovered a sophisticated cyber-espionage campaign in Serbia, where authorities used a zero-day exploit chain developed by Cellebrite to unlock the Android pho ... Read more
-
Cybersecurity News
CVE-2025-27110: ModSecurity Vulnerability Leaves Web Applications Exposed
A newly discovered vulnerability in ModSecurity, a popular open-source web application firewall (WAF), could leave countless web applications vulnerable to attack. The vulnerability, tracked as CVE-20 ... Read more
-
Cybersecurity News
DragonForce Ransomware Group Targets Saudi Arabia with Large-Scale Data Breach
Image: ResecurityThe DragonForce ransomware group has launched a major cyberattack against organizations in Saudi Arabia, marking its first known attack on a large KSA enterprise entity. The attack, d ... Read more