CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerabilities in Payload CMS software
Vulnerabilities in Payload CMS software CVE ID CVE-2025-4643 Publication date 29 August 2025 Vendor Payload CMS Product Payload Vulnerable versions All before 3.44.0 Vulnerability type (CWE) Insuffici ... Read more
-
The Hacker News
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Aug 29, 2025Ravie LakshmananVulnerability / Enterprise Security Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates t ... Read more
-
The Hacker News
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
Aug 29, 2025Ravie LakshmananZero-Day / Vulnerability The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems ... Read more
-
Daily CyberSecurity
Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)
The Hikvision Security Response Center (HSRC) has released a new advisory detailing three vulnerabilities affecting different versions of the company’s HikCentral product line. The flaws range from CS ... Read more
-
security.nl
Onderzoeker: sterke afname van het aantal Citrix-systemen op internet
Het aantal Citrix-systemen op internet is de afgelopen jaren sterk afgenomen wat samenhangt met alle misbruikte kwetsbaarheden in het systeem, zo stelt beveiligingsonderzoeker Kevin Beaumont op basis ... Read more
-
CybersecurityNews
PhpSpreadsheet Library Vulnerability Enables Attackers to Feed Malicious HTML Input
A high-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in the widely used PhpSpreadsheet library, potentially allowing attackers to exploit internal network resources and ... Read more
-
CrowdStrike.com
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
Daily CyberSecurity
NVIDIA Refuses to Pay 15% China Revenue Share Without a Law
Earlier reports suggested that the U.S. government had reached an agreement with NVIDIA and AMD, requiring the two semiconductor giants to surrender 15% of revenue from certain AI chip exports to Chin ... Read more
-
Daily CyberSecurity
CRITICAL Zero-Day CVE-2025-57819 in FreePBX Is Under Active Attack (CVSS 10.0)
The Sangoma FreePBX Security Team has issued a critical advisory for a newly discovered vulnerability in its popular open-source telephony platform. Tracked as CVE-2025-57819 with a maximum CVSSv4 sco ... Read more