CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
MURKY PANDA: A Trusted-Relationship Threat in the Cloud
Since late 2024, CrowdStrike Counter Adversary Operations has observed significant activity conducted by MURKY PANDA, a China-nexus adversary that has targeted government, technology, academic, legal, ... Read more
-
CrowdStrike.com
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili ... Read more
-
TheCyberThrone
CVE-2018-0171 Years old Cisco Bug exploited
August 21, 2025The CVE-2018-0171 vulnerability is a critical security flaw in Cisco IOS and IOS XE software, specifically affecting the Smart Install feature, which is designed for easy deployment of ... Read more
-
The Hacker News
Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks
Aug 21, 2025Ravie LakshmananVulnerability / Software Security Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible ins ... Read more
-
CrowdStrike.com
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili ... Read more
-
CybersecurityNews
Threat Actors Gaining Access to Victims’ Machines and Monetizing Access to Their Bandwidth
A stealthy campaign emerged in early March 2025 that capitalized on a critical remote code execution flaw in GeoServer (CVE-2024-36401) to compromise publicly exposed geospatial servers. Attackers exp ... Read more
-
Help Net Security
Russian threat actors using old Cisco bug to target critical infrastructure orgs
A threat group linked to the Russian Federal Security Service’s (FSB) Center 16 unit has been compromising unpatched and end-of-life Cisco networking devices via an old vulnerability (CVE-2018-0171), ... Read more
-
CrowdStrike.com
August 2025 Patch Tuesday: One Publicly Disclosed Zero-Day and 13 Critical Vulnerabilities Among 107 CVEs
Microsoft has addressed 107 vulnerabilities in its August 2025 security update release. This month's patches include fixes for one publicly disclosed zero-day vulnerability and 13 Critical vulnerabili ... Read more
-
CybersecurityNews
Mozilla High Severity Vulnerabilities Enables Remote Code Execution
Mozilla has released Firefox 142 to address multiple high-severity security vulnerabilities that could allow attackers to execute arbitrary code remotely on affected systems. The security advisory, pu ... Read more
-
CybersecurityNews
New QUIC-LEAK Vulnerability Let Attackers Exhaust Server Memory and Trigger DoS Attack
A critical pre-handshake vulnerability in the LSQUIC QUIC implementation that allows remote attackers to crash servers through memory exhaustion attacks. The vulnerability, designated CVE-2025-54939 a ... Read more