CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
5-Year Threat: Malicious NuGet Package Used Homoglyphs and Typosquatting to Steal Crypto Wallets
Image: Socket A malicious NuGet package masquerading as a popular .NET logging tool has been caught stealing cryptocurrency wallet data for over five years. The package, Tracer.Fody.NLog, successfully ...
-
Daily CyberSecurity
macOS LPE Flaw Resurfaces: .localized Directory Exploited to Hijack Installers and Gain Root Access
A stubborn vulnerability in macOS third-party installers has resurfaced, allowing attackers to hijack privileged processes and gain root access to a system. Discovered by security researcher Csaba Fit ...
-
Daily CyberSecurity
BlackForce PhaaS Weaponizes React and Stateful Sessions to Bypass MFA & Steal Credentials
A sophisticated new player has entered the Phishing-as-a-Service (PhaaS) market, offering cybercriminals a powerful toolset designed to bypass modern security controls with alarming ease. Dubbed Black ...
-
Daily CyberSecurity
From Cisco Student Rivalry to Global Hackers: Salt Typhoon Breaches 80+ Telecos for Intelligence
A new report from SentinelLabs sheds light on the origins of “Salt Typhoon,” the hacking group responsible for one of the most brazen intelligence collection efforts of the last decade. The operators, ...
-
Daily CyberSecurity
Data Disaster: Claude AI Executes rm -rf ~/ and Wipes Developer’s Mac Home Directory
An increasing number of developers are turning to AI-assisted tools to streamline their workflows. Yet as adoption grows, so too do reports of catastrophic failures caused by these tools. In one earli ...
-
The Register
Amazon security boss blames Russia's GRU for years-long energy-sector hacks
Russia's Main Intelligence Directorate (GRU) is behind a years-long campaign targeting energy, telecommunications, and tech providers, stealing credentials and compromising misconfigured devices hoste ...
-
BleepingComputer
PornHub extorted after hackers steal Premium member activity data
Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen in a recent Mixpanel data breach. Last ...
-
BleepingComputer
PornHub extorted after hackers steal Premium member activity data
Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen in a recent Mixpanel data breach. Last ...
-
CybersecurityNews
ZnDoor Malware Exploiting React2Shell Vulnerability to Compromise Network Devices
Since December 2025, a concerning trend has emerged across Japanese organizations as attackers exploit a critical vulnerability in React/Next.js applications. The vulnerability, tracked as CVE-2025-55 ...
-
The Register
China, Iran are having a field day with React2Shell, Google warns
At least five more Chinese spy crews, Iran-linked goons, and financially motivated criminals are now attacking the React2Shell, a maximum-severity flaw in the widely used React JavaScript library, acc ...