CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Help Net Security
Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)
Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect S ... Read more
-
BleepingComputer
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is "susceptible to actual ex ... Read more
-
BleepingComputer
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. KerioControl is a ... Read more
-
Cybersecurity News
CVE-2025-0282 (CVSS 9.0): Ivanti Confirms Active Exploitation of Critical Flaw
Ivanti has issued a security advisory addressing two vulnerabilities in its Connect Secure, Policy Secure, and Neurons for ZTA Gateways. The vulnerabilities—CVE-2025-0282 and CVE-2025-0283—pose signif ... Read more
-
Zero Day Initiative
ZDI Threat Hunting 2024: Highlights, Trends, & Challenges
Reflecting on 2024, it has been an eventful year for the Zero Day Initiative Threat Hunting team. Throughout the year, we identified numerous threat actor campaigns exploiting zero-day vulnerabilities ... Read more
-
TheCyberThrone
Google Chrome fixes CVE-2025-0291
Google Chrome is one of the most widely used web browsers globally, and keeping it secure is paramount to protecting users from potential threats. The latest stable channel update to version 131.0.677 ... Read more
-
The Register
DNA sequencers found running ancient BIOS, posing risk to clinical research
Updated Argentine cybersecurity shop Eclypsium claims security issues affecting leading DNA sequencing devices could lead to disruptions in crucial clinical research. The iSeq 100, developed by manufa ... Read more
-
Cybersecurity News
DNA Sequencer BIOS Vulnerabilities Pose Significant Supply Chain Risks
In a recent revelation, Eclypsium’s research team has uncovered severe BIOS/UEFI vulnerabilities in a widely used DNA gene sequencer manufactured by Illumina.The Illumina iSeq 100, a pivotal tool in g ... Read more
-
Google Cloud
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
Written by: John Wolfram, Josh Murchie, Matt Lin, Daniel Ainsworth, Robert Wallace, Dimiter Andonov, Dhanesh Kizhakkinan, Jacob Thompson Note: This is a developing campaign under active analysis by Ma ... Read more
-
The Cyber Express
Cyberattacks and Industry Vulnerabilities: What 2025 Holds
The rise of cyberattacks has changed the dynamics of global industries, with cybercriminals increasingly targeting sectors that hold vast amounts of sensitive data, financial resources, or critical in ... Read more