CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Chinese MirrorFace APT targets Japan
The MirrorFace Advanced Persistent Threat (APT) group, also known as Earth Kasha, has been linked to a series of cyber-attacks targeting Japan. These attacks have been ongoing since 2019 and have prim ... Read more
-
Help Net Security
Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti has fixed two vulnerabili ... Read more
-
TheCyberThrone
CVE-2024-5594 impacts OpenVPN
CVE-2024-5594 is a critical vulnerability identified in OpenVPN versions prior to 2.6.11. This vulnerability stems from improper sanitization of PUSH_REPLY messages, which allows attackers to inject u ... Read more
-
Cybersecurity News
CVE-2025-22777 (CVSS 9.8): Critical Security Alert for GiveWP Plugin with 100,000 Active Installations
A severe vulnerability has been identified in the GiveWP plugin, one of WordPress’s most widely used tools for online donations and fundraising. Tracked as CVE-2025-22777, the flaw has a CVSS score of ... Read more
-
BleepingComputer
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka "LDAPNightmare") on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. The tact ... Read more
-
TheCyberThrone
CVE-2024-49415 : Samsung Android devices Impacted
CVE-2024-49415 is a critical vulnerability found in Samsung devices running Android versions 12, 13, and 14. This vulnerability was discovered by researchers from Google Project Zero, a team dedicated ... Read more
-
TheCyberThrone
CVE-2024-53704 impacts SonicWall
CVE-2024-53704 is a high-severity vulnerability impacting SonicWall’s SSLVPN authentication mechanism. This flaw, with a CVSS score of 8.2, allows remote attackers to bypass authentication and gain un ... Read more
-
malware-traffic-analysis.net
2025-01-09: CVE-2017-0199 XLS --> HTA --> VBS --> steganography --> DBatLoader/GuiLoader style malware
2025-01-09 (THURSDAY): CVE-2017-0199 XLS --> HTA --> VBS --> STEGANOGRAPHY --> DBATLOADER/GUILOADER STYLE MALWARE NOTES: Zip files are password-protected. Of note, this site has a new password scheme ... Read more
-
TheCyberThrone
CVE-2024-12847: Proof-of-Concept Exploit Code Released
OverviewCVE-2024-12847 is a critical security vulnerability affecting certain models of NETGEAR routers, notably the DGN1000 and DGN2200 v1. This vulnerability has been assigned a CVSS score of 9.8, r ... Read more
-
InfoSec Write-ups
Reversing, Discovering, And Exploiting A TP-Link Router Vulnerability — CVE-2024–54887
OverviewRecently, I picked up an interest in reverse engineering and exploit development. After a while, picking at Hack The Box challenges can get tired, and I started looking for a more interesting ... Read more