CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-9042: Code Execution Vulnerability Found in Kubernetes Windows Nodes
A recently discovered security vulnerability, CVE-2024-9042, poses a significant risk to Kubernetes clusters running Windows worker nodes. Rated Medium with a CVSS v3.1 score of 5.9, the flaw enables ... Read more
-
Cybersecurity News
CVE-2024-7344: Howyar Reloader Vulnerability Exposes UEFI Systems to Unsigned Software Threats
A recent vulnerability note from CERT/CC has exposed a significant security flaw in the Howyar Reloader UEFI bootloader, distributed as part of SysReturn prior to version 10.2.02320240919. Identified ... Read more
-
Cybersecurity News
13,000 MikroTik Routers Hijacked for Global Malspam Operation
A recent report from Infoblox Threat Intel highlights a sophisticated botnet operation leveraging a simple DNS misconfiguration to distribute malware on a massive scale. This botnet, built on approxim ... Read more
-
Cybersecurity News
CVE-2025-20055 (CVSS 9.8): Critical Vulnerability Threatens STEALTHONE Storage
JPCERT/CC has issued a warning regarding multiple vulnerabilities affecting STEALTHONE D220, D340, and D440 network storage servers, urging users to update their firmware immediately.These vulnerabili ... Read more
-
Cybersecurity News
CVE-2024-12365: Popular WordPress Caching Plugin Exposes Millions of Sites to Attack
Over a million WordPress websites are at risk due to a high-severity vulnerability discovered in the popular W3 Total Cache plugin.W3 Total Cache, a plugin used to boost website performance and improv ... Read more
-
Cybersecurity News
Unveiling Zero-Day Behavior in PDF Samples: The Risk of NTLM Information Leaks
In a recent revelation, EXPMON has reported a previously unknown “zero-day behavior” in certain PDF samples, leading to the potential leakage of local (net)NTLM information. While not a zero-day attac ... Read more
-
Cybersecurity News
Veeam Releases Patch for High-Risk SSRF Vulnerability CVE-2025-23082 in Azure Backup Solution
Veeam, a prominent player in data management and backup solutions, has recently disclosed a critical vulnerability in its Veeam Backup for Microsoft Azure product. Identified as CVE-2025-23082, this S ... Read more
-
DoublePulsar
2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.
Back in 2022, Fortinet warned that somebody had a zero day vulnerability and was using it to exploit Fortigate firewalls https://www.fortinet.com/blog/psirt-blogs/update-regarding-cve-2022-40684Today, ... Read more
-
BleepingComputer
SAP fixes critical vulnerabilities in NetWeaver application servers
SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access restricted information. As part of the January Security ... Read more
-
CrowdStrike.com
January 2025 Patch Tuesday: 10 Critical Vulnerabilities and Eight Zero-Days Among 159 CVEs
Microsoft has released security updates for 159 vulnerabilities in its January 2025 Patch Tuesday rollout. Among these are 10 Critical vulnerabilities and eight zero-days affecting the Windows Hyper-V ... Read more