CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
Daily CyberSecurity
QNAP Patches Critical Flaw (CVE-2025-52856) with CVSS 9.3
QNAP has released a security advisory addressing multiple vulnerabilities affecting the QVR firmware on legacy VioStor NVR devices. The flaws include an improper authentication bug and a path traversa ... Read more
-
Daily CyberSecurity
A Critical Zero-Click WhatsApp Flaw, CVE-2025-55177, Was Exploited in Zero-Day Attacks
Meta’s WhatsApp Security Team has patched a zero-day flaw (CVE-2025-55177) in WhatsApp for iOS (prior to v2.25.21.73), WhatsApp Business for iOS (prior to v2.25.21.78), and WhatsApp for Mac (prior to ... Read more
-
The Hacker News
Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution
Aug 29, 2025Ravie LakshmananVulnerability / Web Security Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information dis ... Read more
-
CybersecurityNews
WhatsApp 0-Day Vulnerability Exploited to Hack Mac and iOS Users
A sophisticated attack campaign has leveraged a previously unknown zero-day vulnerability in WhatsApp on Apple devices to target specific users, the company has confirmed. The vulnerability, now ident ... Read more
-
BleepingComputer
WhatsApp patches vulnerability exploited in zero-day attacks
WhatsApp has patched a security vulnerability in its iOS and macOS messaging clients that was exploited in targeted zero-day attacks. The company says this zero-click flaw (tracked as CVE-2025-55177) ... Read more
-
CybersecurityNews
Citrix Netscaler 0-day RCE Vulnerability Patched – Vulnerable Instances Reduced from 28.2K to 12.4K
A significant global effort to patch a critical zero-day remote code execution (RCE) vulnerability in Citrix NetScaler devices has seen the number of exposed systems drop from approximately 28,200 to ... Read more
-
CybersecurityNews
NodeBB Vulnerability Let Attackers Inject Boolean-Based Blind and PostgreSQL Error-Based Payloads
NodeBB, a popular open-source forum platform, has been found vulnerable to a critical SQL injection flaw in version 4.3.0. The flaw, tracked as CVE-2025-50979, resides in the search-categories API end ... Read more
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 35
The Good | Interpol Cracks Down on Cybercrime as U.S. Sanctions North Korean IT Scheme Interpol announced the arrest of over 1200 suspects in Operation Serengeti 2.0, a three-month crackdown on cyberc ... Read more
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 35
The Good | Interpol Cracks Down on Cybercrime as U.S. Sanctions North Korean IT Scheme Interpol announced the arrest of over 1200 suspects in Operation Serengeti 2.0, a three-month crackdown on cyberc ... Read more