CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CybersecurityNews
Windows Cloud Files Mini Filter Driver Vulnerability Exploited to Escalate Privileges
A privilege escalation flaw in Windows Cloud Files Mini Filter Driver has been discovered, allowing local attackers to bypass file write protections and inject malicious code into system processes. Se ... Read more
-
CybersecurityNews
AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks
A critical security vulnerability in the AI Engine WordPress plugin has put more than 100,000 active installations at risk of privilege escalation attacks. The flaw, tracked as CVE-2025-11749 with a C ... Read more
-
hackread.com
Severe React Native Flaw Exposes Developer Systems to Remote Attacks
Security researchers at JFrog, a company specialising in software supply chain protection, recently found a severe security problem in a key part of the React Native mobile app development framework. ... Read more
-
The Register
AMD red-faced over random-number bug that kills cryptographic security
AMD will issue a microcode patch for a high-severity vulnerability that could weaken cryptographic keys across Epyc and Ryzen CPUs. The flaw, tracked as CVE-2025-62626 (7.2), affects Zen 5 chips with ... Read more
-
Help Net Security
Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
On Tuesday, CISA added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2025-11371, which affects Gladinet’s CentreStack and Triofox file-sharing and remote access platforms, an ... Read more
-
The Cyber Express
Balancer Hack Exposes $116 Million Smart Contract Vulnerability
Balancer V2, one of the most prominent automated market makers (AMMs), has suffered a large-scale security incident. The Balancer data breach exposed a critical Balancer vulnerability within its smart ... Read more
-
CybersecurityNews
CISA Warns of Control Web Panel OS Command Injection Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a dangerous OS command injection vulnerability affecting Control Web Panel (CWP), formerly known as ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
hackread.com
Microsoft Teams Flaws Allowed Attackers to Fake Identities, Rewrite Chats
Microsoft Teams, the communication platform used by hundreds of millions worldwide, has been found to contain serious security vulnerabilities that could have let attackers impersonate executives, alt ... Read more