CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical W3 Total Cache Flaw (CVE-2025-9501, CVSS 9.0) Risks Unauthenticated RCE on 1 Million WordPress Sites
A newly disclosed high-severity security flaw in the widely used W3 Total Cache (W3TC) plugin is putting more than 1 million WordPress websites at risk. Tracked as CVE-2025-9501, the vulnerability car ...
-
Daily CyberSecurity
CISA/Europol Warn: Akira Ransomware Profits Hit $244M, Group Expands to Encrypt Nutanix AHV VMs
The United States Cybersecurity and Infrastructure Security Agency (CISA), alongside a coalition of global law-enforcement and cybersecurity organizations, has issued a warning about the rapidly evolv ...
-
Daily CyberSecurity
Google Patches Actively Exploited Chrome Zero-Day Flaw (CVE-2025-13223) in Emergency Update
Google has issued an urgent, out-of-band security update for the Chrome Stable channel, addressing two separate Type Confusion vulnerabilities in the critical V8 JavaScript engine. The most serious of ...
-
BleepingComputer
RondoDox botnet malware now hacks servers using XWiki flaw
The RondoDox botnet malware is now exploiting a critical remote code execution (RCE) flaw in XWiki Platform tracked as CVE-2025-24893. On October 30, the U.S. Cybersecurity and Information Security Ag ...
-
The Cyber Express
IBM AIX Hit by Three Critical Vulnerabilities, One a Perfect 10. Patch Now!
Vulnerabilities in the IBM AIX operating system for Power servers could allow remote attackers to execute arbitrary commands, obtain Network Installation Manager (NIM) private keys, or traverse direct ...
-
The Cyber Express
Logitech Confirms Data Breach Following CL0P Victim Claims
Logitech International S.A. has confirmed that it was hit by a data breach, the company said in an SEC filing late last week. Logitech’s 8-K filing released on Nov. 14 was short on details, but the co ...
-
BleepingComputer
Pennsylvania AG confirms data breach after INC Ransom attack
The office of Pennsylvania's attorney general has confirmed that the ransomware gang behind an August 2025 cyberattack stole files containing personal and medical information. This comes after Attorne ...
-
Help Net Security
Logitech confirms data breach
Logitech, the Swiss multinational electronics and technology company best known for marketing computer peripherals and hardware, has suffered a data breach. “While the investigation is ongoing, at thi ...
-
CybersecurityNews
CISA Warns of Fortinet FortiWeb WAF Vulnerability Exploited in the Wild to Gain Admin Access
CISA has issued an urgent alert about a critical vulnerability in Fortinet’s FortiWeb Web Application Firewall (WAF), actively exploited by threat actors to seize administrative control of affected sy ...
-
The Hacker News
⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More
This week showed just how fast things can go wrong when no one's watching. Some attacks were silent and sneaky. Others used tools we trust every day — like AI, VPNs, or app stores — to cause damage wi ...