CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in Request Tracker software
Vulnerability in Request Tracker software CVE ID CVE-2025-9158 Publication date 24 October 2025 Vendor Best Practical Product Request Tracker Vulnerable versions From 5.0.4 through 5.0.8 and from 6.0. ...
-
CybersecurityNews
Bitter APT Hackers Exploit WinRAR Zero-Day Via Weaponized Word Documents to Steal Sensitive Data
The Bitter APT group, also tracked as APT-Q-37 and known in China as 蔓灵花, has launched a sophisticated cyberespionage campaign targeting government agencies, military installations, and critical infra ...
-
Huntress
Exploitation of Windows Server Update Services Remote Code Execution Vulnerability (CVE-2025-59287)
Acknowledgments: Special thanks to Luke Wilkinson, Joshua Kiriakoff, and Jordan Sexton for their contributions to this investigation and writeup.TL;DR: Huntress has observed threat actors exploiting a ...
-
Daily CyberSecurity
Warlock Ransomware Hits US Firms Exploiting SharePoint Zero-Day, Linked to China’s CamoFei APT
Researchers from Symantec and Carbon Black have published a detailed analysis of Warlock ransomware, a newly emerging threat that made its debut in June 2025 and rapidly gained notoriety after being d ...
-
Daily CyberSecurity
PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT
Researchers from SentinelLABS, in collaboration with the Digital Security Lab of Ukraine, have exposed a coordinated spearphishing campaign aimed at humanitarian organizations and regional government ...
-
hackread.com
Medusa Ransomware Leaks 834 GB of Comcast Data After $1.2M Demand
The Medusa ransomware group has leaked 186.36 GB of compressed data it claimed to have stolen from Comcast Corporation, a global media and technology company. According to Hackread.com’s earlier repor ...
-
The Register
Norks droning on about your dream job while pwning your PC
North Korea's Lazarus Group has successfully compromised Europe's unmanned aerial vehicle (UAV) sector with its Operation DreamJob campaign, which promises job seekers lucrative employment opportuniti ...
-
BleepingComputer
CISA warns of Lanscope Endpoint Manager flaw exploited in attacks
The Cybersecurity & Infrastructure Security Agency (CISA) is warning that hackers are exploiting a critical vulnerability in the Motex Landscope Endpoint Manager. The flaw is tracked as CVE-2025-61932 ...
-
The Register
Microsoft suggests temporary registry hack for stricken smart card users
Microsoft accidentally broke several things in the October 2025 Windows Update, but smart card authentication was not one of them. That was intentionally broken, and the temporary workaround requires ...
-
Help Net Security
Lanscope Endpoint Manager vulnerability exploited in zero-day attacks (CVE-2025-61932)
CVE-2025-61932, an “improper verification of source of a communication channel” vulnerability affecting Lanscope Endpoint Manager, has been exploited as a zero-day since April 2025, the Japan Computer ...