CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Critical Vulnerability in Rasa Framework Enables Remote Code Execution (CVE-2024-49375)
A critical-severity vulnerability (CVE-2024-49375) has been identified in the popular open-source Rasa framework. This flaw, which carries a CVSS score of 9.1, allows attackers to achieve Remote Code ... Read more
-
Cybersecurity News
CVE-2025-23042 (CVSS 9.1): Gradio Patches Critical ACL Bypass Flaw in Popular Machine Learning Platform
Gradio, a popular open-source Python library for creating machine learning demos and web applications, has recently patched a high-severity vulnerability. Identified as CVE-2025-23042 and carrying a C ... Read more
-
Cybersecurity News
CVE-2024-9042: Code Execution Vulnerability Found in Kubernetes Windows Nodes
A recently discovered security vulnerability, CVE-2024-9042, poses a significant risk to Kubernetes clusters running Windows worker nodes. Rated Medium with a CVSS v3.1 score of 5.9, the flaw enables ... Read more
-
Cybersecurity News
CVE-2024-7344: Howyar Reloader Vulnerability Exposes UEFI Systems to Unsigned Software Threats
A recent vulnerability note from CERT/CC has exposed a significant security flaw in the Howyar Reloader UEFI bootloader, distributed as part of SysReturn prior to version 10.2.02320240919. Identified ... Read more
-
Cybersecurity News
13,000 MikroTik Routers Hijacked for Global Malspam Operation
A recent report from Infoblox Threat Intel highlights a sophisticated botnet operation leveraging a simple DNS misconfiguration to distribute malware on a massive scale. This botnet, built on approxim ... Read more
-
Cybersecurity News
CVE-2025-20055 (CVSS 9.8): Critical Vulnerability Threatens STEALTHONE Storage
JPCERT/CC has issued a warning regarding multiple vulnerabilities affecting STEALTHONE D220, D340, and D440 network storage servers, urging users to update their firmware immediately.These vulnerabili ... Read more
-
Cybersecurity News
CVE-2024-12365: Popular WordPress Caching Plugin Exposes Millions of Sites to Attack
Over a million WordPress websites are at risk due to a high-severity vulnerability discovered in the popular W3 Total Cache plugin.W3 Total Cache, a plugin used to boost website performance and improv ... Read more
-
Cybersecurity News
Unveiling Zero-Day Behavior in PDF Samples: The Risk of NTLM Information Leaks
In a recent revelation, EXPMON has reported a previously unknown “zero-day behavior” in certain PDF samples, leading to the potential leakage of local (net)NTLM information. While not a zero-day attac ... Read more
-
Cybersecurity News
Veeam Releases Patch for High-Risk SSRF Vulnerability CVE-2025-23082 in Azure Backup Solution
Veeam, a prominent player in data management and backup solutions, has recently disclosed a critical vulnerability in its Veeam Backup for Microsoft Azure product. Identified as CVE-2025-23082, this S ... Read more
-
DoublePulsar
2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.
Back in 2022, Fortinet warned that somebody had a zero day vulnerability and was using it to exploit Fortigate firewalls https://www.fortinet.com/blog/psirt-blogs/update-regarding-cve-2022-40684Today, ... Read more