CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CERT/CC Warns of Unpatched Root-Level Command Injection Flaws in Tenda 4G03 Pro and N300 Routers (CVE-2025-13207, CVE-2024-24481)
The CERT Coordination Center (CERT/CC) has issued a warning about multiple unpatched command injection vulnerabilities affecting Tenda’s 4G03 Pro and N300 series routers. The flaws, which allow attack ...
-
Daily CyberSecurity
Critical ABB Flaw (CVE-2025-10571, CVSS 9.6) Allows Unauthenticated RCE and Admin Takeover on Edgenius
ABB has issued an urgent cybersecurity advisory warning customers of a critical authentication bypass vulnerability in the ABB Ability Edgenius Management Portal. The flaw—tracked as CVE-2025-10571—af ...
-
Daily CyberSecurity
Critical Markdown to PDF Flaw (CVE-2025-65108, CVSS 10.0) Allows RCE via JS Injection in Markdown Front-Matter
A critical vulnerability (CVE-2025-65108) has been disclosed in the widely used Markdown to PDF npm package, a command-line tool with more than 47,000 weekly downloads. The flaw carries a maximum CVSS ...
-
The Register
Weaponized file name flaw makes updating glob an urgent job
Infosec In Brief Researchers have urged users of the glob file pattern matching library to update their installations, after discovery of a years-old remote code execution flaw in the tool's CLI. Glob ...
-
TheCyberThrone
SonicWall SSLVPN Vulnerability CVE-2025-40601
November 23, 2025A critical vulnerability was discovered affecting SonicWall firewalls’ SSLVPN service, identified as CVE-2025-40601. This stack-based buffer overflow flaw allows unauthenticated remot ...
-
CybersecurityNews
Cybersecurity News Weekly Newsletter – Fortinet, Chrome 0-Day Flaws, Cloudflare Outage and Salesforce Gainsight Breach
Welcome to this week’s edition of the Cybersecurity News Weekly Newsletter, where we analyze the critical incidents defining the current threat landscape. If this week has taught us anything, it is th ...
-
CybersecurityNews
Critical Vulnerability in Azure Bastion Let Attackers Bypass Authentication and Escalate privileges
A critical vulnerability in Azure Bastion (CVE-2025-49752) allows remote attackers to bypass authentication mechanisms and escalate privileges to administrative levels. The flaw, categorized as an aut ...
-
hackread.com
Critical 7 Zip Vulnerability With Public Exploit Requires Manual Update
A vulnerability has been found in the very popular, free file-compressing tool 7-Zip. The flaw, tracked as CVE-2025-11001, has a public exploit, leading to a high-risk warning from the UK’s NHS Englan ...
-
Help Net Security
Week in review: Stealth-patched FortiWeb vulnerability under active exploitation, Logitech data breach
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: The tech that turns supply chains from brittle to unbreakable In this Help Net Security interview, Sev ...
-
TheCyberThrone
Critical Oracle Identity Manager Vulnerability Added to CISA KEV Catalog
November 22, 2025CISA officially added a critical vulnerability, CVE-2025-61757, to its Known Exploited Vulnerabilities (KEV) catalog, underscoring the urgent need for organizations using Oracle Ident ...