CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Cyber Express
SessionReaper Exploits Erupt as Magento Sites Lag on Patching
Six weeks after Adobe shipped an emergency fix, attackers have begun weaponizing SessionReaper — and most Magento stores still stand exposed. Security firm Sansec’s forensics team said it blocked hund ...
-
CybersecurityNews
Microsoft Releases Emergency Patch For Windows Server Update Service RCE Vulnerability
Microsoft has rolled out an out-of-band emergency patch for a remote code execution (RCE) vulnerability affecting the Windows Server Update Services (WSUS). Identified as CVE-2025-59287, the issue ste ...
-
BleepingComputer
Windows Server emergency patches fix WSUS bug with PoC exploit
Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...
-
security.nl
WordPress-sites aangevallen via kritiek beveiligingslek in plug-ins
WordPress-sites zijn het doelwit van een aanval waarbij misbruik wordt gemaakt van kritieke kwetsbaarheden in twee plug-ins genaamd GutenKit en Hunk Companion. Via de beveiligingslekken kan een ongeau ...
-
cert.pl
Vulnerability in Request Tracker software
Vulnerability in Request Tracker software CVE ID CVE-2025-9158 Publication date 24 October 2025 Vendor Best Practical Product Request Tracker Vulnerable versions From 5.0.4 through 5.0.8 and from 6.0. ...
-
CybersecurityNews
Bitter APT Hackers Exploit WinRAR Zero-Day Via Weaponized Word Documents to Steal Sensitive Data
The Bitter APT group, also tracked as APT-Q-37 and known in China as 蔓灵花, has launched a sophisticated cyberespionage campaign targeting government agencies, military installations, and critical infra ...
-
Huntress
Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287)
Acknowledgments: Special thanks to Luke Wilkinson, Joshua Kiriakoff, and Jordan Sexton for their contributions to this investigation and writeup.TL;DR: Huntress has observed threat actors exploiting a ...
-
Daily CyberSecurity
Warlock Ransomware Hits US Firms Exploiting SharePoint Zero-Day, Linked to China’s CamoFei APT
Researchers from Symantec and Carbon Black have published a detailed analysis of Warlock ransomware, a newly emerging threat that made its debut in June 2025 and rapidly gained notoriety after being d ...
-
Daily CyberSecurity
PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT
Researchers from SentinelLABS, in collaboration with the Digital Security Lab of Ukraine, have exposed a coordinated spearphishing campaign aimed at humanitarian organizations and regional government ...
-
hackread.com
Medusa Ransomware Leaks 834 GB of Comcast Data After $1.2M Demand
The Medusa ransomware group has leaked 186.36 GB of compressed data it claimed to have stolen from Comcast Corporation, a global media and technology company. According to Hackread.com’s earlier repor ...