CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433)
There are now several public proof-of-concept (PoC) exploits for a maximum-severity vulnerability in the Erlang/OTP SSH server (CVE-2025-32433) unveiled last week. “All users running an SSH server bas ...
-
Cyber Security News
New Rust Botnet Hijacking Routers to Inject Commands Remotely
A sophisticated new botnet malware written in the Rust programming language has been discovered targeting vulnerable router devices worldwide. Dubbed “RustoBot” due to its Rust-based implementation, t ...
-
Kaspersky
Update PyTorch ASAP | Kaspersky official blog
vulnerability Researchers have found a way to exploit a security mechanism in a popular machine-learning framework. April 22, 2025 A researcher has discovered a vulnerability in PyTorch – an open-sour ...
-
Cyber Security News
Patching Vulnerabilities Faster Reduces Risks & Lower Cyber Risk Index
A significant correlation between vulnerability patching speed and reduced cybersecurity risks has emerged according to groundbreaking research released on March 25, 2025. Organizations implementing r ...
-
The Register
Google's email spoofed by cunning phisherfolk who re-used DKIM creds
Infosec In Brief Email security outfit EasyDMARC recently spotted a phishing campaign that successfully spoofed Google with a sophisticated attack. As explained in a technical breakdown, the attackers ...
-
Cyber Security News
Critical Windows Update Stack Vulnerability Allows Code Execution & Privilege Escalation
A security flaw has been identified in the Windows Update Stack, exposing millions of Windows systems to the risk of unauthorized code execution and privilege escalation. Tracked as CVE-2025-21204, th ...
-
Cyber Security News
HPE Performance Cluster Manager Vulnerability Allow Remote Attacker to Bypass Authentication
A critical vulnerability in Hewlett Packard Enterprise‘s Performance Cluster Manager has been identified, enabling attackers to remotely bypass authentication safeguards. The flaw, formally documented ...
-
The Cyber Express
Critical Security Vulnerability Found in WordPress Plugin InstaWP Connect
The Moroccan authorities have warned users of a critical vulnerability in the popular WordPress plugin, InstaWP Connect. The General Directorate of Information Systems Security (DGSSI), which operates ...
-
huntress.com
Say Hello to Mac Malware
Yes, Windows devices are still very much a business favorite—but the adoption of macOS devices has been steadily ticking upward. Threat actors have noticed. More macOS malware variants have cropped up ...
-
The Hacker News
Lotus Panda Hacks SE Asian Governments With Browser Stealers and Sideloaded Malware
Cyber Espionage / Threat Intelligence The China-linked cyber espionage group tracked as Lotus Panda has been attributed to a campaign that compromised multiple organizations in an unnamed Southeast As ...