CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
Microsoft Patches Outlook Zero-Click: CVE-2025-21298 Exploits RCE via Emails
Microsoft has addressed a critical vulnerability (CVE-2025-21298) in its latest 2025 Patch Tuesday update. This flaw, rated with a CVSS score of 9.8, allows attackers to achieve remote code execution ... Read more
-
Cybersecurity News
ECOVACS Patches Critical WiFi RCE Vulnerability CVE-2024-42911 in Deebot Robot Vacuums
ECOVACS Robotics has addressed a critical remote code execution (RCE) vulnerability affecting its Deebot series robot vacuums. The vulnerability, identified as CVE-2024-42911, could allow attackers to ... Read more
-
Cybersecurity News
Critical Vulnerability in Rasa Framework Enables Remote Code Execution (CVE-2024-49375)
A critical-severity vulnerability (CVE-2024-49375) has been identified in the popular open-source Rasa framework. This flaw, which carries a CVSS score of 9.1, allows attackers to achieve Remote Code ... Read more
-
Cybersecurity News
CVE-2025-23042 (CVSS 9.1): Gradio Patches Critical ACL Bypass Flaw in Popular Machine Learning Platform
Gradio, a popular open-source Python library for creating machine learning demos and web applications, has recently patched a high-severity vulnerability. Identified as CVE-2025-23042 and carrying a C ... Read more
-
Cybersecurity News
CVE-2024-9042: Code Execution Vulnerability Found in Kubernetes Windows Nodes
A recently discovered security vulnerability, CVE-2024-9042, poses a significant risk to Kubernetes clusters running Windows worker nodes. Rated Medium with a CVSS v3.1 score of 5.9, the flaw enables ... Read more
-
Cybersecurity News
CVE-2024-7344: Howyar Reloader Vulnerability Exposes UEFI Systems to Unsigned Software Threats
A recent vulnerability note from CERT/CC has exposed a significant security flaw in the Howyar Reloader UEFI bootloader, distributed as part of SysReturn prior to version 10.2.02320240919. Identified ... Read more
-
Cybersecurity News
13,000 MikroTik Routers Hijacked for Global Malspam Operation
A recent report from Infoblox Threat Intel highlights a sophisticated botnet operation leveraging a simple DNS misconfiguration to distribute malware on a massive scale. This botnet, built on approxim ... Read more
-
Cybersecurity News
CVE-2025-20055 (CVSS 9.8): Critical Vulnerability Threatens STEALTHONE Storage
JPCERT/CC has issued a warning regarding multiple vulnerabilities affecting STEALTHONE D220, D340, and D440 network storage servers, urging users to update their firmware immediately.These vulnerabili ... Read more
-
Cybersecurity News
CVE-2024-12365: Popular WordPress Caching Plugin Exposes Millions of Sites to Attack
Over a million WordPress websites are at risk due to a high-severity vulnerability discovered in the popular W3 Total Cache plugin.W3 Total Cache, a plugin used to boost website performance and improv ... Read more
-
Cybersecurity News
Unveiling Zero-Day Behavior in PDF Samples: The Risk of NTLM Information Leaks
In a recent revelation, EXPMON has reported a previously unknown “zero-day behavior” in certain PDF samples, leading to the potential leakage of local (net)NTLM information. While not a zero-day attac ... Read more