CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability
CISA has released a comprehensive cybersecurity advisory detailing how threat actors successfully compromised a U.S. federal civilian executive branch agency’s network by exploiting CVE-2024-36401, a ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
Daily CyberSecurity
CISA adds Chrome zero-day CVE-2025-10585 to KEV after public exploit appears
CISA this week added CVE-2025-10585, a high-severity type-confusion flaw in Google’s V8 JavaScript engine, to its Known Exploited Vulnerabilities catalog after evidence of active exploitation was obse ... Read more
-
Daily CyberSecurity
OpenSSF Warns: Open Source Software Is Not a Free Service
The Open Source Security Foundation (OpenSSF), together with several prominent open-source and software foundations, has issued a joint statement declaring that it can no longer serve as the unpaid ga ... Read more
-
Daily CyberSecurity
CVE-2025-9844: Salesforce CLI Installer Vulnerability Could Lead to SYSTEM-Level Compromise
Salesforce has published a security advisory detailing a high-severity flaw in its Salesforce-CLI installer (sf-x64.exe). The vulnerability, tracked as CVE-2025-9844 with a CVSS score of 8.8, could al ... Read more
-
Daily CyberSecurity
CVE-2025-10184: Unpatched OnePlus Flaw Exposes SMS Data & Breaks MFA, PoC Available
Researchers at Rapid7 have disclosed a critical permission bypass vulnerability in OnePlus OxygenOS, tracked as CVE-2025-10184. The flaw allows any installed application on affected devices to read SM ... Read more
-
CybersecurityNews
Chrome High-severity Vulnerabilities Let Attackers Access Sensitive Data and Crash System
Google has issued an urgent security update for its Chrome web browser to address three high-severity vulnerabilities that could allow attackers to access sensitive information or cause the system to ... Read more
-
Daily CyberSecurity
CVE-2025-59545: Critical XSS Flaw in DNN Software Puts 750,000 Websites at Risk
DNN Software has issued a security advisory warning of a critical stored cross-site scripting (XSS) vulnerability in its Prompt module, tracked as CVE-2025-59545 with a CVSS score of 9.1. DNN (formerl ... Read more
-
Daily CyberSecurity
Cisco Uncovers New PlugX Backdoor Linked to Chinese APTs
Researchers at Cisco Talos have uncovered a long-running espionage campaign active since 2022, targeting the telecommunications and manufacturing sectors across Central and South Asia. The campaign re ... Read more
-
Daily CyberSecurity
Google Chrome Patches Three High-Severity Flaws in V8 Engine
Google has released a Stable Channel Update for Desktop with builds 140.0.7339.207/.208 for Windows and Mac and 140.0.7339.207 for Linux. The update, rolling out over the coming days and weeks, addres ... Read more