CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
New Microsoft script updates Windows media with bootkit malware fixes
Microsoft has released a PowerShell script to help Windows users and admins update bootable media so it utilizes the new "Windows UEFI CA 2023" certificate before the mitigations of the BlackLotus UEF ... Read more
-
The Register
Cisco patches two critical Identity Services Engine flaws
Cisco has fixed two critical vulnerabilities in its Identity Services Engine (ISE) that could allow an authenticated remote attacker to execute arbitrary commands as root or access sensitive informati ... Read more
-
Ars Technica
7-Zip 0-day was exploited in Russia’s ongoing invasion of Ukraine
Researchers said they recently discovered a zero-day vulnerability in the 7-Zip archiving utility that was actively exploited as part of Russia's ongoing invasion of Ukraine. The vulnerability allowed ... Read more
-
BleepingComputer
CISA orders agencies to patch Linux kernel bug exploited in attacks
CISA has ordered federal agencies to secure their systems within three weeks against a high-severity Linux kernel flaw actively exploited in attacks. Tracked as CVE-2024-53104, the security bug was f ... Read more
-
BleepingComputer
AMD fixes bug that lets hackers load malicious microcode patches
AMD has released mitigation and firmware updates to address a high-severity vulnerability that can be exploited to load malicious CPU microcode on unpatched devices. The security flaw (CVE-2024-56161 ... Read more
-
BleepingComputer
CISA tags Microsoft .NET and Apache OFBiz bugs as exploited in attacks
The US Cybersecurity & Infrastructure Security Agency (CISA) has added four vulnerabilities to its Known Exploited Vulnerabilities catalog, urging federal agencies and large organizations to apply the ... Read more
-
TheCyberThrone
Google Chrome 133 Stable Channel Released
On February 4, 2025, Google released Chrome 133, which includes several crucial security bug fixes aimed at enhancing the browser’s security and protecting users from potential exploits. Here is a det ... Read more
-
Help Net Security
Cybercrime gang exploited VeraCore zero-day vulnerabilities for years (CVE-2025-25181, CVE-2024-57968)
XE Group, a cybercriminal outfit that has been active for over a decade, has been quietly exploiting zero-day vulnerabilities (CVE-2025-25181, CVE-2024-57968) in VeraCore software, a popular solution ... Read more
-
Krypt3ia
Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest
Date: 2.5.25 Top Headlines Five Eyes Launch Guidance to Improve Edge Device Security Summary: The UK’s leading cybersecurity agency and its Five Eyes peers have produced new guidance for manufacturers ... Read more
-
Help Net Security
Swap EOL Zyxel routers, upgrade Netgear ones!
There will be no patches for EOL Zyxel routers under attack via CVE-2024-40891, the company has confirmed. Meanwhile, Netgear has issued patches for critical flaws affecting its routers and wireless a ... Read more