CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
SAP Security Update – Patch for Critical Vulnerabilities Allowing Code Execution and Injection Attacks
SAP released its monthly Security Patch Day updates, addressing 18 new security notes and providing two updates to existing ones, focusing on vulnerabilities that could enable remote code execution an ...
-
Daily CyberSecurity
Critical Synology BeeStation Zero-Day (CVE-2025-12686) Found at Pwn2Own Allows Remote Code Execution
Synology has released an urgent security update for its BeeStation OS, patching a zero-day vulnerability (CVE-2025-12686) that was successfully exploited by researchers during the Pwn2Own Ireland 2025 ...
-
CybersecurityNews
Hackers Exploiting Triofox 0-Day Vulnerability to Execute Malicious Payload Abusing Anti-Virus Feature
Google Mandiant has disclosed active exploitation of CVE-2025-12480, a critical unauthenticated access vulnerability in Gladinet’s Triofox file-sharing platform. The threat cluster tracked as UNC6485 ...
-
The Cyber Express
Researchers Uncover Critical runC Bugs Allowing Full Container Escape
Security researchers have revealed three serious vulnerabilities in runC, the Open Container Initiative (OCI)-compliant runtime that powers platforms such as Docker and Kubernetes, which could allow a ...
-
CybersecurityNews
CISA Warns of Samsung Mobile Devices 0-Day RCE Vulnerability Exploited in Attacks
CISA has added a critical zero-day vulnerability affecting Samsung mobile devices to its Known Exploited Vulnerabilities catalog. Warning that threat actors are actively exploiting the flaw in real-wo ...
-
CybersecurityNews
Threat Actors Leverage RMM Tools to Deploy Medusa & DragonForce Ransomware
A sophisticated wave of ransomware attacks targeting UK organizations has emerged in 2025, exploiting vulnerabilities in the widely-used SimpleHelp Remote Monitoring and Management platform. Two promi ...
-
TheCyberThrone
Samsung Galaxy Zero-Day CVE-2025-21042 Exploited by LANDFALL Spyware
In recent months, a critical zero-day vulnerability identified as CVE-2025-21042 has been actively exploited on Samsung Galaxy devices, posing a significant security risk to users worldwide. This flaw ...
-
Daily CyberSecurity
Critical Triofox Zero-Day (CVE-2025-12480) Under Active Exploit: Host Header Bypass Allows Unauthenticated Admin Takeover
CVE-2025-12480 exploitation chain | Image: Mandiant Threat Defense Researchers at Mandiant Threat Defense, part of Google Cloud Security Operations, have revealed that a critical unauthenticated acces ...
-
Daily CyberSecurity
SuiteCRM SQL Injection Flaws (CVE-2025-64492, CVE-2025-64493) Expose Customer Data
The maintainers of SuiteCRM, the popular open-source customer relationship management (CRM) platform, have released an urgent security update addressing two significant SQL injection vulnerabilities t ...
-
Daily CyberSecurity
Critical Devolutions Server Flaw (CVE-2025-12485, CVSS 9.4) Allows User Impersonation via Pre-MFA Cookie Hijacking
Devolutions, a leading provider of privileged access management (PAM) and remote connection solutions, has released an urgent security advisory addressing two serious vulnerabilities in its Devolution ...