CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical ASUS DSL Router Flaw (CVE-2025-59367, CVSS 9.3) Allows Unauthenticated Remote Access
ASUS has released an urgent security advisory addressing a critical authentication bypass vulnerability affecting several models in its DSL Series Router lineup. The flaw, tracked as CVE-2025-59367 wi ... Read more
-
seclists.org
Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: Patrick via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 07 Nov 2025 15:27:43 +0000 Hello Jan, You are completely right and it’s something I w ... Read more
-
seclists.org
APPLE-SA-11-13-2025-1 Compressor 4.11.1
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 13 Nov 2025 12:57:50 -0800 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ... Read more
-
seclists.org
Re: 83 vulnerabilities in Vasion Print / PrinterLogic
Full Disclosure mailing list archives From: Pierre Kim <pierre.kim.sec () gmail com> Date: Tue, 11 Nov 2025 10:28:50 -0500 Hello, VulnCheck has assigned the following CVEs to the previously disclosed ... Read more
-
Daily CyberSecurity
High-Severity NVIDIA NeMo Framework Flaws Allow Code Injection and Privilege Escalation in AI Pipelines
NVIDIA has released an important security update for its NeMo Framework, addressing two high-severity vulnerabilities that expose AI developers and machine-learning pipelines to risks including arbitr ... Read more
-
Daily CyberSecurity
Amazon Exposes Advanced APT Exploiting Cisco ISE (RCE) and Citrix Bleed Two as Simultaneous Zero-Days
The Amazon Threat Intelligence team has uncovered a highly sophisticated threat campaign exploiting multiple zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems, demons ... Read more
-
Daily CyberSecurity
Critical Zoho Analytics Plus Flaw (CVE-2025-8324, CVSS 9.8) Allows Unauthenticated SQL Injection and Data Takeover
Zoho Corporation has released an urgent security advisory addressing a critical severity SQL injection vulnerability affecting Analytics Plus on-premise installations. Tracked as CVE-2025-8324 with a ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CrowdStrike.com
CrowdStrike Named Overall Leader in 2025 KuppingerCole ITDR Leadership Compass
KuppingerCole recognizes CrowdStrike as the Overall Leader, achieving the top position in every evaluated category in its 2025 identity security report. CrowdStrike has been named the Overall Leader i ... Read more
-
CrowdStrike.com
November 2025 Patch Tuesday: One Zero-Day and Five Critical Vulnerabilities Among 63 CVEs
Microsoft has addressed 63 vulnerabilities in its November 2025 security update release, almost one third from October's record-breaking 172 patches. This month's updates address one actively exploite ... Read more