CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
CISA orders feds to patch Samsung zero-day used in spyware attacks
CISA ordered U.S. federal agencies today to patch a critical Samsung vulnerability that has been exploited in zero-day attacks to deploy LandFall spyware on devices running WhatsApp. Tracked as CVE-20 ...
-
BleepingComputer
Popular JavaScript library expr-eval vulnerable to RCE flaw
A critical vulnerability in the popular expr-eval JavaScript library, with over 800,000 weekly downloads on NPM, can be exploited to execute code remotely through maliciously crafted input. The securi ...
-
hackread.com
LANDFALL Spyware Targeted Samsung Galaxy Phones via Malicious Images
Security researchers from Palo Alto Networks’ Unit 42 have discovered a dangerous new commercial-grade spyware called LANDFALL that secretly targeted Samsung Galaxy smartphones for months. This sophis ...
-
Google Cloud
No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480
Written by: Stallone D'Souza, Praveeth DSouza, Bill Glynn, Kevin O'Flynn, Yash Gupta Welcome to the Frontline Bulletin Series Straight from Mandiant Threat Defense, the "Frontline Bulletin" series bri ...
-
CybersecurityNews
Critical Vulnerability in Popular NPM Library Exposes AI and NLP Apps to Remote Code Execution
A critical security flaw has been discovered in the widely used npm package expr-eval, potentially exposing AI and natural language processing applications to remote code execution attacks. The vulner ...
-
CybersecurityNews
LangGraph Vulnerability Allows Malicious Python Code Execution During Deserialization
A critical remote code execution vulnerability has been discovered in LangGraph’s checkpoint serialization system. The flaw CVE-2025-64439 affects versions of langgraph-checkpoint before 3.0. It allo ...
-
The Hacker News
⚡ Weekly Recap: Hyper-V Malware, Malicious AI Bots, RDP Exploits, WhatsApp Lockdown and More
Cyber threats didn't slow down last week—and attackers are getting smarter. We're seeing malware hidden in virtual machines, side-channel leaks exposing AI chats, and spyware quietly targeting Android ...
-
security.nl
The Washington Post getroffen door aanval op E-Business Suite van Oracle
The Washington Post is getroffen door een cyberaanval op de E-Business Suite van Oracle, meldt de Amerikaanse krant in een verklaring. De impact van de aanval is onduidelijk. Oracle E-Business Suite i ...
-
hackread.com
Monsta FTP Vulnerability Exposed Thousands of Servers to Full Takeover
A web-based file management application, Monsta FTP, was recently found to have a serious security problem that could allow hackers to completely take over a web server. Cybersecurity firm watchTowr d ...
-
CybersecurityNews
Elastic Defend for Windows Vulnerability Let Attackers Escalate Privileges
Elastic has disclosed a significant security vulnerability in Elastic Defend for Windows that could allow attackers to escalate their privileges on affected systems. Tracked as CVE-2025-37735 and desi ...