CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CISA adds Craft CMS and PaloAlto Flaws to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) recently added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are:CVE-2025-23209: ... Read more
-
The Register
Oops, some of our customers' Power Pages-hosted sites were exploited, says Microsoft
Microsoft has fixed a security flaw in its Power Pages website-building SaaS, after criminals got there first – and urged users to check their sites for signs of exploitation. Power Pages is part of M ... Read more
-
Cyber Security News
Ivanti Endpoint Manager Vulnerabilities Proof-of-Concept (PoC) Exploit Released
A cluster of four critical vulnerabilities in Ivanti Endpoint Manager (EPM) has entered a dangerous new phase with the public release of proof-of-concept (PoC) exploit code, escalating risks for organ ... Read more
-
Cyber Security News
New NailaoLocker Ransomware Attacking European Healthcare
European healthcare organizations are facing a sophisticated cyber threat from a newly identified ransomware strain called NailaoLocker, deployed as part of a campaign tracked as Green Nailao by Orang ... Read more
-
CrowdStrike.com
February 2025 Patch Tuesday: Four Zero-Days and Three Critical Vulnerabilities Among 67 CVEs
Microsoft has released security updates for 67 vulnerabilities in its February 2025 Patch Tuesday rollout. Among these are three Critical vulnerabilities and four zero-days affecting the Windows NTLMv ... Read more
-
CrowdStrike.com
February 2025 Patch Tuesday: Four Zero-Days and Three Critical Vulnerabilities Among 67 CVEs
Microsoft has released security updates for 67 vulnerabilities in its February 2025 Patch Tuesday rollout. Among these are three Critical vulnerabilities and four zero-days affecting the Windows NTLMv ... Read more
-
BleepingComputer
Chinese hackers use custom malware to spy on US telecom networks
The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. tel ... Read more
-
Cyber Security News
Rhadamanthys Infostealer Exploiting Microsoft Management Console to Execute Malicious Script
Researchers uncovered an ongoing campaign distributing the Rhadamanthys Infostealer through malicious Microsoft Management Console (MMC) files (.MSC), leveraging both a patched DLL vulnerability and l ... Read more
-
Cyber Security News
IBM OpenPages Vulnerability Let Attackers Steal Authentication Credentials
IBM has addressed multiple high-severity vulnerabilities in its OpenPages Governance, Risk, and Compliance (GRC) platform that could enable attackers to hijack user sessions, steal authentication cred ... Read more
-
The Register
Critical flaws in Mongoose library expose MongoDB to data thieves, code execution
Security sleuths found two critical vulnerabilities in a third-party library that MongoDB relies on, which means bad guys can potentially steal data and run code. Mongoose is an Object Data Modeling ( ... Read more