CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Hackers Exploited Confluence Server Vulnerability To Deploy LockBit Ransomware
A sophisticated ransomware attack leveraging a critical Atlassian Confluence vulnerability (CVE-2023-22527, CVSS 10.0) has been uncovered, culminating in the deployment of LockBit Black ransomware acr ... Read more
-
Cyber Security News
Parallels Desktop 0-Day Vulnerability Gain Root Privileges – PoC Released
A critical 0-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed, enabling local attackers to escalate privileges to root-level access on macOS systems. All vers ... Read more
-
Cyber Security News
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries
Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers. The flaw e ... Read more
-
Cyber Security News
PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability
Security researchers have released proof-of-concept (PoC) exploit code for CVE-2025-20029, a high-severity command injection vulnerability affecting F5’s BIG-IP application delivery controllers. The f ... Read more
-
Cyber Security News
Nagios XI Vulnerability Allows Unauthenticated Users to View Other User Details & Email
A significant security vulnerability (CVE-2024-54961) has been identified in Nagios XI 2024R1.2.2, enabling unauthenticated attackers to retrieve sensitive user information, including usernames and em ... Read more
-
Cyber Security News
Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks
Researchers uncovered critical zero-day vulnerabilities in Fluent Bit, a ubiquitous logging utility embedded in cloud infrastructure across major providers like AWS, Google Cloud, and Microsoft Azure. ... Read more
-
Cyber Security News
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks
Ubiquiti Networks has issued an urgent security advisory addressing five critical vulnerabilities in its UniFi Protect camera ecosystem, including two flaws enabling unauthenticated remote code execut ... Read more
-
CrowdStrike.com
February 2025 Patch Tuesday: Four Zero-Days and Three Critical Vulnerabilities Among 67 CVEs
Microsoft has released security updates for 67 vulnerabilities in its February 2025 Patch Tuesday rollout. Among these are three Critical vulnerabilities and four zero-days affecting the Windows NTLMv ... Read more
-
Cybersecurity News
Australia Bans Kaspersky Products from Government Systems, Citing “Unacceptable Security Risk”
The Australian Government has issued a new directive banning the use of Kaspersky Lab products and web services across all government systems and devices. The directive, issued by the Department of Ho ... Read more
-
The Register
Rather than add a backdoor, Apple decides to kill iCloud E2EE for UK peeps
Infosec in brief Apple has responded to the UK government's demand for access to its customers’ data stored in iCloud by deciding to turn off its Advanced Data Protection (ADP) end-to-end encryption s ... Read more