CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Firewalls and VPNs are so complex now, they can actually make you less secure
Organizations using Cisco and Citrix VPN devices were nearly seven times as likely to suffer a ransomware infection over a 15-month period, according to At-Bay, a provider of cyber insurance and a ven ...
-
The Cyber Express
CISA Warns that DELMIA Apriso Vulnerabilities Are Under Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two DELMIA Apriso vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Today’s addition of CVE-2025-6204 and ...
-
BleepingComputer
CISA warns of two more actively exploited Dassault vulnerabilities
The Cybersecurity & Infrastructure Security Agency (CISA) warned today that attackers are actively exploiting two vulnerabilities in Dassault Systèmes' DELMIA Apriso, a manufacturing operations manage ...
-
Help Net Security
PoC code drops for remotely exploitable BIND 9 DNS flaw (CVE-2025-40778)
A high-severity vulnerability (CVE-2025-40778) affecting BIND 9 DNS resolvers could be leveraged by remote, unauthenticated attackers to manipulate DNS entries via cache poisoning, allowing them to re ...
-
TheCyberThrone
Google Chrome Zero-Day Delivers Memento Spyware
October 28, 2025A zero-day vulnerability in Google Chrome, CVE-2025-2783, was actively exploited in early 2025 by attackers using spyware linked to Memento Labs (formerly Hacking Team), a notorious It ...
-
CybersecurityNews
XWiki RCE Vulnerability Actively Exploted In Wild To Deliver Coinminer
A critical remote code execution (RCE) flaw in XWiki, a popular open-source wiki platform, was exploited in the wild to deploy cryptocurrency mining malware on compromised servers. The vulnerability, ...
-
Help Net Security
Italian-made spyware Dante linked to Chrome zero-day exploitation campaign
CVE-2025-2783, a Chrome zero-day vulnerability that was detected being exploited in March 2025 and was subsequently fixed by Google, was used by unknown attackers to deliver LeetAgent, suspected comme ...
-
CybersecurityNews
Open-Source Firewall IPFire 2.29 With New Reporting For Intrusion Prevention System
IPFire 2.29 Core Update 198 marks a significant advancement for users of this open-source firewall, introducing enhanced Intrusion Prevention System (IPS) capabilities powered by Suricata 8.0.1. This ...
-
CybersecurityNews
Critical .NET Vulnerability Lets Attacker Bypass Security in QNAP Backup Software
Microsoft has unveiled a critical vulnerability in ASP.NET Core that could enable attackers to sidestep essential security measures. Disclosed on October 24, 2025, under CVE-2025-55315, this flaw stem ...
-
The Cyber Express
Critical Flaw CVE-2025-55315 Exposes QNAP NetBak PC Agent to Security Bypass Attacks
A critical vulnerability, tracked as CVE-2025-55315, has been identified in QNAP’s NetBak PC Agent, stemming from a flaw within Microsoft’s ASP.NET Core framework. The issue allows attackers to exploi ...