CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
28,000+ Citrix Servers Exposed to Active 0-Day RCE Vulnerability Exploited in the Wild
A critical zero-day remote code execution (RCE) vulnerability, tracked as CVE-2025-7775, is affecting over 28,000 Citrix instances worldwide. The flaw is being actively exploited in the wild, promptin ... Read more
-
CybersecurityNews
PoC Exploit Released for CrushFTP 0-day Vulnerability (CVE-2025-54309)
A weaponized proof-of-concept exploit has been publicly released targeting CVE-2025-54309, a severe authentication bypass vulnerability affecting CrushFTP file transfer servers. The flaw enables remot ... Read more
-
AttackIQ
Emulating the Expedited Warlock Ransomware
Introduction Warlock is a ransomware strain operating under the Ransomware-as-a-Service (RaaS) model that emerged in June 2025, following an advertisement on the Russian Anonymous Marketplace (RAMP) w ... Read more
-
BleepingComputer
Global Salt Typhoon hacking campaigns linked to Chinese tech firms
The U.S. National Security Agency (NSA), the UK's National Cyber Security Centre (NCSC), and partners from over a dozen countries have linked the Salt Typhoon global hacking campaigns to three China-b ... Read more
-
CybersecurityNews
IPFire Web-Based Firewall Interface Allows Authenticated Administrator to Inject Persistent JavaScript
A stored cross-site scripting (XSS) flaw identified in IPFire 2.29’s web-based firewall interface (firewall.cgi). Tracked as CVE-2025-50975, the vulnerability allows any authenticated administrator to ... Read more
-
CybersecurityNews
NVIDIA NeMo AI Curator Enables Code Execution and Privilege Escalation
NVIDIA has issued a critical security bulletin addressing a high-severity vulnerability in its NeMo Curator platform that could allow attackers to execute malicious code and escalate privileges on aff ... Read more
-
CrowdStrike.com
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili ... Read more
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
CybersecurityNews
CISA releases New ICS Advisories Surrounding Vulnerabilities and Exploits
CISA released three significant Industrial Control Systems (ICS) advisories on August 26, 2025, alerting organizations to critical vulnerabilities affecting widely-deployed automation systems. These a ... Read more
-
BleepingComputer
Over 28,000 Citrix devices vulnerable to new exploited RCE flaw
More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild. The vulnerability affects NetSc ... Read more