CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
Network Security / Vulnerability Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining ... Read more
-
The Hacker News
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
Web Security / Vulnerability A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its ... Read more
-
Cyber Security News
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors
Pegasus spyware, once considered a tool for targeting journalists and activists—is now being deployed against executives in the private sector, including finance, real estate, and logistics. In a Dece ... Read more
-
Cyber Security News
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix
Ivanti disclosed a critical buffer overflow vulnerability (CVE-2025-0282) affecting its Connect Secure VPN appliances. This vulnerability, caused by improper handling of the strncpy function in the we ... Read more
-
The Register
Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws
Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who haven't already installed patches released in January extra incentive to re ... Read more
-
The Cyber Express
Improper Certificate Validation in RadiAnt DICOM Viewer Puts Healthcare Systems at Risk
A newly identified cybersecurity vulnerability in Medixant’s RadiAnt DICOM Viewer has raised concerns about potential security threats in the healthcare sector. The vulnerability tracked as CVE-2025-1 ... Read more
-
CrowdStrike.com
February 2025 Patch Tuesday: Four Zero-Days and Three Critical Vulnerabilities Among 67 CVEs
Microsoft has released security updates for 67 vulnerabilities in its February 2025 Patch Tuesday rollout. Among these are three Critical vulnerabilities and four zero-days affecting the Windows NTLMv ... Read more
-
seclists.org
MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
Full Disclosure mailing list archives From: Qualys Security Advisory via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 18 Feb 2025 10:28:30 +0000 Qualys Security Advisory CVE-2025-26465: ... Read more
-
CrowdStrike.com
February 2025 Patch Tuesday: Four Zero-Days and Three Critical Vulnerabilities Among 67 CVEs
Microsoft has released security updates for 67 vulnerabilities in its February 2025 Patch Tuesday rollout. Among these are three Critical vulnerabilities and four zero-days affecting the Windows NTLMv ... Read more
-
Cyber Security News
Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability
Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenCon ... Read more