CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Urgent CISA Alert: Ransomware Actors Exploiting SimpleHelp RMM Flaw (CVE-2024-57727)
The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with its federal partners, has issued a high-priority alert (AA25-163A) detailing how ransomware actors have exploited unp ...
-
Daily CyberSecurity
Warning: Discontinued Amazon Cloud Cam Has Vulnerability (CVE-2025-6031), Exposing Your Network
A newly disclosed vulnerability in the now-discontinued Amazon Cloud Cam has raised serious concerns about the risks of continuing to use unsupported smart home devices. Tracked as CVE-2025-6031 and r ...
-
Daily CyberSecurity
Apache Tomcat Under Attack: Massive Brute-Force Campaign Targets Manager Interfaces
A significant surge in brute-force attacks is targeting Apache Tomcat Manager interfaces, according to a new report from GreyNoise. On June 5, 2025, analysts observed a large-scale campaign where atta ...
-
Daily CyberSecurity
Flaw in PostgreSQL JDBC Driver (CVE-2025-49146) Exposes Database Connections to MITM Attacks!
A recently disclosed vulnerability in the PostgreSQL JDBC Driver (PgJDBC) could allow attackers to intercept database connections even when security settings are configured to prevent such attacks. Tr ...
-
Daily CyberSecurity
High-Severity Flaw in HashiCorp Nomad (CVE-2025-4922) Allows Privilege Escalation
HashiCorp has disclosed a high-severity vulnerability in its workload orchestration tool, Nomad, which could allow attackers to escalate privileges by exploiting a flaw in the system’s Access Control ...
-
Daily CyberSecurity
HelloTDS Unmasked: Covert Traffic System Funnels Millions to FakeCaptcha Malware!
A complex and evasive infrastructure dubbed HelloTDS is silently steering millions of internet users into the clutches of malware—particularly FakeCaptcha, a social engineering attack masquerading as ...
-
The Register
Ransomware scum disrupted utility services with SimpleHelp attacks
Ransomware criminals infected a utility billing software providers' customers, and in some cases disrupted services, after exploiting unpatched versions of SimpleHelp’s remote monitoring and managemen ...
-
Dark Reading
Researchers Detail Zero-Click Copilot Exploit 'EchoLeak'
Source: Adrian Vidal via Alamy Stock PhotoA critical vulnerability could have enabled attackers to unleash prompt injection attacks against Copilot users, though Microsoft ultimately addressed the iss ...
-
BleepingComputer
Trend Micro fixes critical vulnerabilities in multiple products
Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TM ...
-
BleepingComputer
Graphite spyware used in Apple iOS zero-click attacks on journalists
Forensic investigation has confirmed the use of Paragon's Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. Researchers at Citizen ...