CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw
Oct 23, 2025Ravie LakshmananData Breach / Vulnerability E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Co ... Read more
-
The Hacker News
Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms
Oct 23, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope ... Read more
-
Daily CyberSecurity
Security First: Windows 11 Disables File Previews for Web Downloads
Earlier this month, Microsoft released a Windows 11 cumulative update addressing several known feature issues and security vulnerabilities. Among the modifications introduced, one notable change invol ... Read more
-
Daily CyberSecurity
Full-Scale War: Apple Challenges EU’s Digital Markets Act in Court
The fierce standoff between Apple and the European Union over the Digital Markets Act (DMA) has officially escalated from a war of words into a full-scale legal battle before the EU General Court in L ... Read more
-
Daily CyberSecurity
ISC Patches Multiple High-Severity BIND Vulnerabilities Enabling Cache Poisoning and Denial of Service Attacks
The Internet Systems Consortium (ISC) has issued patches for three high-severity vulnerabilities impacting the BIND 9 DNS server, including two that could enable cache poisoning attacks (CVE-2025-4077 ... Read more
-
Daily CyberSecurity
Jira Path Traversal Flaw (CVE-2025-22167) Allows Arbitrary File Write on Server/Data Center
Atlassian has released patches addressing a high-severity Path Traversal vulnerability (CVE-2025-22167) affecting Jira Software Data Center and Server as well as Jira Service Management Data Center an ... Read more
-
Daily CyberSecurity
Symantec Exposes Chinese APT Overlap: Zingdoor, ShadowPad, and KrustyLoader Used in Global Espionage
Symantec’s investigation uncovered a complex web of interconnected Chinese espionage operations, with infrastructure and tooling overlapping multiple threat clusters. The team observed the Zingdoor ba ... Read more
-
Daily CyberSecurity
Critical WSUS Flaw (CVE-2025-59287, CVSS 9.8) Allows Unauthenticated RCE via Unsafe Cookie Deserialization, PoC Available
Security researcher Batuhan Er from HawkTrace has detailed a critical remote code execution (RCE) vulnerability in Microsoft Windows Server Update Services (WSUS), tracked as CVE-2025-59287. The flaw, ... Read more
-
Daily CyberSecurity
Critical NeuVector RCE Flaw (CVE-2025-54469, CVSS 10.0) Allows Command Injection via Unsanitized Environment Variables
The SUSE Rancher Security team has issued a critical advisory addressing a command injection and buffer overflow vulnerability in NeuVector, the company’s full lifecycle container security platform. T ... Read more
-
Daily CyberSecurity
Major Threat: Vidar Stealer v2.0 Bypasses Chrome AppBound Encryption with Multithreaded Memory Injection
Researchers at Trend Micro have released an in-depth analysis of Vidar Stealer v2.0, a major overhaul of the well-known Vidar information-stealing malware that has resurfaced with powerful new capabil ... Read more