CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
SEC Consult SA-20250911-0 :: Unauthenticated SQL Injection Vulnerability in Shibboleth Service Provider (SP) (ODBC interface)
Full Disclosure mailing list archives From: SEC Consult Vulnerability Lab via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 11 Sep 2025 05:23:27 +0000 SEC Consult Vulnerability Lab Securi ... Read more
-
Daily CyberSecurity
CVE-2025-5821: Critical Authentication Bypass in WordPress Case Theme User Plugin Exploited in the Wild
Hackers are exploiting a critical authentication bypass vulnerability in the Case Theme User plugin, a WordPress plugin with an estimated 12,000 active installations. This plugin is bundled in multipl ... Read more
-
Daily CyberSecurity
Spring Framework and Spring Security Vulnerabilities Expose Authorization Bypass Risks (CVE-2025-41248 & CVE-2025-41249)
The Spring team has disclosed two related vulnerabilities—CVE-2025-41248 and CVE-2025-41249—that affect Spring Security and the Spring Framework. Both issues stem from annotation resolution flaws in m ... Read more
-
TheCyberThrone
HybridPetya: The UEFI-Busting Heir to Petya/NotPetya
September 16, 2025In September 2025, security researchers spotlighted the rise of HybridPetya, a next-generation ransomware that revives and amplifies the catastrophic tactics of Petya and NotPetya—th ... Read more
-
Daily CyberSecurity
PoC Published: Linux Kernel 0-Click RCE Vulnerability Found in ksmbd
Image: BitsByWill In a recent deep-dive analysis, security researcher BitsByWill examined two critical Linux kernel vulnerabilities—CVE-2023-52440 and CVE-2023-4130—both impacting ksmbd, the in-kernel ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more