CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Multiple Hikvision Vulnerabilities Let Attackers Inject Executable Commands
Hikvision has disclosed three significant security vulnerabilities affecting multiple versions of its HikCentral product suite that could enable attackers to execute malicious commands and gain unauth ... Read more
-
cert.pl
Vulnerabilities in Payload CMS software
Vulnerabilities in Payload CMS software CVE ID CVE-2025-4643 Publication date 29 August 2025 Vendor Payload CMS Product Payload Vulnerable versions All before 3.44.0 Vulnerability type (CWE) Insuffici ... Read more
-
The Hacker News
Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page
Aug 29, 2025Ravie LakshmananVulnerability / Enterprise Security Click Studios, the developer of enterprise-focused password management solution Passwordstate, said it has released security updates t ... Read more
-
The Hacker News
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
Aug 29, 2025Ravie LakshmananZero-Day / Vulnerability The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems ... Read more
-
Daily CyberSecurity
Multi Flaws Found in HikCentral, Including a Bypass for Admin Access (CVE-2025-39247)
The Hikvision Security Response Center (HSRC) has released a new advisory detailing three vulnerabilities affecting different versions of the company’s HikCentral product line. The flaws range from CS ... Read more
-
security.nl
Onderzoeker: sterke afname van het aantal Citrix-systemen op internet
Het aantal Citrix-systemen op internet is de afgelopen jaren sterk afgenomen wat samenhangt met alle misbruikte kwetsbaarheden in het systeem, zo stelt beveiligingsonderzoeker Kevin Beaumont op basis ... Read more
-
CybersecurityNews
PhpSpreadsheet Library Vulnerability Enables Attackers to Feed Malicious HTML Input
A high-severity Server-Side Request Forgery (SSRF) vulnerability has been identified in the widely used PhpSpreadsheet library, potentially allowing attackers to exploit internal network resources and ... Read more
-
CrowdStrike.com
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
Daily CyberSecurity
NVIDIA Refuses to Pay 15% China Revenue Share Without a Law
Earlier reports suggested that the U.S. government had reached an agreement with NVIDIA and AMD, requiring the two semiconductor giants to surrender 15% of revenue from certain AI chip exports to Chin ... Read more