CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses
A surge in attacks exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calend ...
-
security.nl
Antivirusfunctionaliteit in Gladinet Triofox uitgebuit voor installeren van malware
Google's Mandiant Threat Defense waarschuwt voor een actief uitgebuit lek (CVE-2025-12480) in Gladinet’s Triofox-platform voor bestandsdeling en toegang op afstand. Het gaat om een kritieke kwetsbaa ...
-
CybersecurityNews
Zoom Workplace for Windows Vulnerability Allow Users to Escalate Privilege
A security vulnerability has been discovered in Zoom Workplace VDI Client for Windows that could allow attackers to gain elevated privileges on affected systems. The flaw, tracked as CVE-2025-64740, h ...
-
CybersecurityNews
Devolutions Server Vulnerability Let Attackers Impersonate Users Using Pre-MFA Cookie
A critical vulnerability in Devolutions Server could allow attackers with low-level access to impersonate other user accounts by exploiting how the application handles authentication cookies before mu ...
-
Help Net Security
Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480)
Attackers have exploited a now-fixed vulnerability (CVE-2025-12480) in the Gladinet Triofox secure file sharing and remote access platform while it was still a zero-day, Mandiant revealed on Monday. C ...
-
security.nl
Kritiek lek in Samsung Galaxy-smartphones toegevoegd aan KEV-database CISA
Het Amerikaanse Cybersecurity & Infrastructure Security Agency (CISA) heeft een kwetsbaarheid in Samsung Galaxy-smartphones toegevoegd aan de Known Exploited Vulnerabilities (KEV)-database met kwetsba ...
-
The Register
Hitachi-owned GlobalLogic admits data stolen on 10k current and former staff
Digital engineering outfit GlobalLogic says personal data from more than 10,000 current and former employees was exposed in the wave of Oracle E-Business Suite (EBS) attacks attributed to the Clop ran ...
-
CybersecurityNews
WatchGuard Firebox Firewall Vulnerability Let Attackers Gain Unauthorized SSH Access
A critical vulnerability in WatchGuard Firebox firewalls could allow attackers to gain complete administrative access to the devices without any authentication. The flaw, tracked as CVE-2025-59396, st ...
-
CybersecurityNews
Zoom Vulnerabilities Let Attackers Bypass Access Controls to Access Session Data
Zoom has issued multiple security bulletins detailing patches for several vulnerabilities affecting its Workplace applications. The disclosures, published today, highlight two high-severity issues alo ...
-
Daily CyberSecurity
SAP November 2025 Patch Day Fixes 3 Critical Flaws (CVSS 10) — Including Code Injection and Insecure Key Management
Today, SAP released its latest batch of Security Patch Day updates, delivering 18 new security notes and two updates to previously released ones. Among them, three critical vulnerabilities stand out — ...