CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
“VM Isolation is Not Absolute”: Researchers Unmask Sophisticated ESXi “Maestro” Exploit
In a new report, the Huntress Tactical Response Team details a sophisticated intrusion discovered in December 2025 where threat actors successfully executed a “VM escape”—breaking out of a guest virtu ...
-
Daily CyberSecurity
GoBruteforcer Returns: How AI Code Snippets Fueled a 50,000-Server Botnet
A sophisticated new variant of the GoBruteforcer botnet is on the loose, and it’s capitalizing on a thoroughly modern problem: the “mass reuse of AI-generated server deployment examples” that leave th ...
-
CybersecurityNews
Hackers Exploiting VMware ESXi Instances in the Wild Using zero-day Exploit Toolkit
Hackers are exploiting VMware ESXi instances in the wild with a zero-day exploit toolkit that chains multiple vulnerabilities for VM escapes. Cybersecurity firm Huntress disrupted one such attack, att ...
-
Daily CyberSecurity
CVE-2025-67859: Critical Auth Bypass Discovered in Popular Linux Battery Utility
A critical security flaw has been unearthed in TLP, the widely used power management utility for Linux laptops, potentially allowing unauthorized users to bypass authentication checks and tamper with ...
-
Daily CyberSecurity
CrazyHunter: The “Ruthless” Ransomware Stalking Healthcare
The victimology page from the CrazyHunter site A new, highly aggressive ransomware strain is cutting a swath through the healthcare sector, leaving hospitals and critical organizations scrambling to p ...
-
Daily CyberSecurity
GitLab Patch: High-Severity XSS & AI Flaws Expose User Data
GitLab has issued a critical security release for its Community Edition (CE) and Enterprise Edition (EE) platforms, patching a raft of vulnerabilities that range from high-severity Cross-Site Scriptin ...
-
TheCyberThrone
Critical RCE in Veeam Backup & Replication: CVE-2025-59470
January 8, 2026Critical remote code execution vulnerability CVE-2025-59470 affects Veeam Backup & Replication, allowing authenticated Backup or Tape Operators to execute code as the postgres user thro ...
-
Daily CyberSecurity
One Request to Rule Them All: Critical Trendnet Flaw (CVE-2025-15471) Allows Total Takeover
A critical pre-authentication command injection vulnerability has been uncovered in the Trendnet TEW-713RE Wi-Fi extender, allowing remote attackers to seize full control of the device with a single H ...
-
Daily CyberSecurity
CVE-2025-60262: Critical Misconfiguration in H3C Wireless Gear Hands Control to Hackers
A glaring configuration oversight in select H3C wireless controllers and access points has opened the door for remote attackers to seize root-level control of the devices. The vulnerability, tracked a ...
-
BleepingComputer
Critical jsPDF flaw lets hackers steal secrets via generated PDFs
The jsPDF library for generating PDF documents in JavaScript applications is vulnerable to a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by includi ...