CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CISA Alert: Chinese Hackers Weaponize CVSS 10 Cisco Zero-Day & SonicWall Exploit Chains
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive adding three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling that ha ...
-
Daily CyberSecurity
Cisco Zero-Day Siege: Chinese Group UAT-9686 Deploys ‘Aqua’ Malware via CVSS 10 Root Exploit
A critical zero-day vulnerability in Cisco’s secure email appliances is under active siege by a sophisticated Chinese hacking group, granting them total control over sensitive network gateways. The ca ...
-
Daily CyberSecurity
Zero-Day Warning: Hackers Chain SonicWall SMA1000 Flaws for Unauthenticated Root RCE
SonicWall has issued an urgent security advisory for its high-end remote access appliances, patching a vulnerability that, while seemingly moderate on its own, serves as the final piece in a devastati ...
-
Daily CyberSecurity
Academic Ambush: How the Forum Troll APT Hijacks Scholars’ Systems via Fake Plagiarism Reports
A relentless Advanced Persistent Threat (APT) group known as “Forum Troll” has shifted its crosshairs from corporate networks to the academic elite, launching a precision phishing campaign against Rus ...
-
Daily CyberSecurity
Locked Out of the Cloud: Hackers Use AWS Termination Protection to Hijack ECS for Unstoppable Crypto Mining
In a striking display of cloud-native tradecraft, cybercriminals have been caught turning legitimate AWS environments into illicit cryptocurrency mining farms, utilizing a “novel persistence technique ...
-
Daily CyberSecurity
Blurred Deception: Russian APT Targets Transnistria and NATO with High-Pressure Phishing Lures
A sophisticated Russian Advanced Persistent Threat (APT) group has launched a targeted credential harvesting campaign against the governing body of Transnistria (the Pridnestrovian Moldavian Republic) ...
-
Daily CyberSecurity
“Better Auth” Framework Alert: The Double-Slash Trick That Bypasses Security Controls
A high-severity vulnerability has been disclosed in Better Auth, a rapidly growing authentication framework for TypeScript, potentially allowing attackers to bypass critical access controls with a sim ...
-
Daily CyberSecurity
Ink Dragon’s Global Mesh: How Chinese Spies Turn Compromised Government Servers into C2 Relay Nodes
A sophisticated Chinese cyber-espionage group is rewriting the rules of persistence, turning compromised government servers into a living, breathing command network. A new report from Check Point Rese ...
-
Daily CyberSecurity
CVE-2025-46295 (CVSS 9.8): Critical Apache Commons Text Flaw Risks Total Server Takeover
A critical vulnerability has been fixed in Apache Commons Text, a ubiquitous Java library used for text manipulation, preventing what could have been a widespread remote code execution (RCE) crisis. T ...
-
Daily CyberSecurity
Node.js Alert: systeminformation Flaw Risks Windows RCE for 16M+ Monthly Users
A high-severity vulnerability has been uncovered in systeminformation, a massively popular Node.js library used by millions of developers to retrieve system metrics. Tracked as CVE-2025-68154, the fla ...