CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
GitHub Enterprise Server Vulnerabilities Expose Risk of Code Execution and Data Leaks
GitHub has released security updates to address several vulnerabilities in GitHub Enterprise Server, including a high-severity flaw that could allow attackers to execute arbitrary code. Organizations ...
-
cloudsecurityalliance.org
Virtual Patching: How to Protect VMware ESXi from Zero-Day Exploits
Originally published by Vali Cyber. Written by Nathan Montierth. Recently, three VMware zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226) were patched amid concerns of active e ...
-
Cyber Security News
Leaked KeyPlug Malware Infrastructure Contains Exploit Scripts to Hack Fortinet Firewall and VPN
A server briefly linked to the notorious KeyPlug malware has inadvertently exposed a comprehensive arsenal of exploitation tools specifically designed to target Fortinet firewall and VPN appliances. T ...
-
BleepingComputer
ASUS warns of critical auth bypass flaw in routers using AiCloud
ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. The vulnera ...
-
BleepingComputer
SonicWall SMA VPN devices targeted in attacks since January
A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arcti ...
-
BleepingComputer
Chinese hackers target Russian govt with upgraded RAT malware
Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. Security researchers at Kaspersky's Glob ...
-
TheCyberThrone
CISA adds Microsoft and Apple vulnerabilities to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, signaling active exploitation in the w ...
-
Dark Reading
Apple Zero-Days Under 'Sophisticated Attack,' but Details Lacking
dpa picture alliance / AlamyTwo Apple zero-day vulnerabilities were exploited in "extremely sophisticated attacks," according to the technology giant, but it has provided little detail on the threats. ...
-
Cyber Security News
Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released
A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain r ...
-
BleepingComputer
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. Tracke ...