CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Google Cloud
Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue
Introduction Despite extensive scrutiny and public reporting, commercial surveillance vendors continue to operate unimpeded. A prominent name continues to surface in the world of mercenary spyware, In ...
-
BleepingComputer
University of Phoenix discloses data breach after Oracle hack
The University of Phoenix (UoPX) has joined a growing list of U.S. universities breached in a Clop data theft campaign targeting vulnerable Oracle E-Business Suite instances in August 2025. Founded in ...
-
CybersecurityNews
CISA Warns of Android 0-Day Vulnerability Exploited in Attacks
CISA has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The vulnerabilities affect the Android OS and p ...
-
security.nl
'Microsoft heeft LNK-kwetsbaarheid in Windows stilletjes gepatcht'
Microsoft heeft stilletjes een LNK-kwetsbaarheid in Windows gepatcht waar aanvallers actief misbruik van maken, zo stelt securitybedrijf Acros Security. In eerste instantie had Microsoft nog aangegeve ...
-
CybersecurityNews
Critical Elementor Plugin Vulnerability Let Attackers Takeover WordPress Site Admin Control
A critical security flaw in the popular “King Addons for Elementor” WordPress plugin has left thousands of websites at risk of complete takeover, security researchers have warned. The vulnerability, t ...
-
Kaspersky
Exploits and vulnerabilities in Q3 2025
In the third quarter, attackers continued to exploit security flaws in WinRAR, while the total number of registered vulnerabilities grew again. In this report, we examine statistics on published vulne ...
-
CybersecurityNews
Angular Platform Vulnerability Allows Malicious Code Execution Via Weaponized SVG Animation Files
A critical Stored XSS vulnerability in Angular’s template compiler (CVE-2025-66412) allows attackers to execute arbitrary code by weaponizing SVG animation attributes. Bypassing Angular’s built-in sec ...
-
CybersecurityNews
Critical Elementor Plugin Vulnerability Let Attackers Takeover WordPress Site Admin Control
A serious vulnerability has been discovered in the King Addons for Elementor WordPress plugin, affecting more than 10,000 active installations worldwide. The flaw allows unauthenticated attackers to g ...
-
CybersecurityNews
CISA Warns of Iskra iHUB Vulnerability Allowing Remote Device Reconfiguration
A critical warning regarding a severe authentication vulnerability affecting Iskra’s iHUB and iHUB Lite intelligent metering gateways used in energy infrastructure worldwide. The flaw, tracked as CVE- ...
-
security.nl
Tienduizenden WordPress-sites kwetsbaar door kritiek RCE-lek in plug-in
Tienduizenden WordPress-sites lopen door de aanwezigheid van een kritiek beveiligingslek in een gebruikte plug-in het risico om door aanvallers op afstand te worden overgenomen. Een beveiligingsupdate ...