CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Libraesva dicht actief aangevallen kwetsbaarheid in Email Security Gateway
Aanbieder van e-mailoplossingen Libraesva heeft een beveiligingsupdate uitgebracht voor een actief aangevallen kwetsbaarheid in de Email Security Gateway (ESG) die het biedt. Volgens het bedrijf is he ... Read more
-
The Hacker News
Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AW ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
The Hacker News
State-Sponsored Hackers Exploiting Libraesva Email Security Gateway Vulnerability
Sep 24, 2025Ravie LakshmananVulnerability / Email Security Libraesva has released a security update to address a vulnerability in its Email Security Gateway (ESG) solution that it said has been expl ... Read more
-
CybersecurityNews
CISA Details That Hackers Gained Access to a U.S. Federal Agency Network Via GeoServer RCE Vulnerability
CISA has released a comprehensive cybersecurity advisory detailing how threat actors successfully compromised a U.S. federal civilian executive branch agency’s network by exploiting CVE-2024-36401, a ... Read more
-
CrowdStrike.com
September 2025 Patch Tuesday: Two Publicly Disclosed Zero-Days and Eight Critical Vulnerabilities Among 84 CVEs
Microsoft has addressed 84 vulnerabilities in its September 2025 security update release. This month's patches address two publicly disclosed zero-day vulnerabilities and eight Critical vulnerabilitie ... Read more
-
Daily CyberSecurity
CISA adds Chrome zero-day CVE-2025-10585 to KEV after public exploit appears
CISA this week added CVE-2025-10585, a high-severity type-confusion flaw in Google’s V8 JavaScript engine, to its Known Exploited Vulnerabilities catalog after evidence of active exploitation was obse ... Read more
-
Daily CyberSecurity
OpenSSF Warns: Open Source Software Is Not a Free Service
The Open Source Security Foundation (OpenSSF), together with several prominent open-source and software foundations, has issued a joint statement declaring that it can no longer serve as the unpaid ga ... Read more
-
Daily CyberSecurity
CVE-2025-9844: Salesforce CLI Installer Vulnerability Could Lead to SYSTEM-Level Compromise
Salesforce has published a security advisory detailing a high-severity flaw in its Salesforce-CLI installer (sf-x64.exe). The vulnerability, tracked as CVE-2025-9844 with a CVSS score of 8.8, could al ... Read more
-
Daily CyberSecurity
CVE-2025-10184: Unpatched OnePlus Flaw Exposes SMS Data & Breaks MFA, PoC Available
Researchers at Rapid7 have disclosed a critical permission bypass vulnerability in OnePlus OxygenOS, tracked as CVE-2025-10184. The flaw allows any installed application on affected devices to read SM ... Read more