CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
PoC Exploit Tool Released for FortiWeb WAF Vulnerability Exploited in the Wild
A proof-of-concept (PoC) exploit tool for CVE-2025-64446 has been publicly released on GitHub. This vulnerability, affecting FortiWeb devices from Fortinet, involves a critical path traversal flaw tha ...
-
CybersecurityNews
Critical pgAdmin4 Vulnerability Lets Attackers Execute Remote Code on Servers
A severe remote code execution (RCE) flaw has been uncovered in pgAdmin4, the popular open-source interface for PostgreSQL databases. Dubbed CVE-2025-12762, the vulnerability affects versions up to 9. ...
-
Daily CyberSecurity
WhatsApp Interoperability Live: Meta Confirms DMA Integration with BirdyChat and Haiket
To comply with the EU Digital Markets Act (DMA), Meta has announced that WhatsApp will soon become interoperable with two third-party messaging services: BirdyChat and Haiket. This marks the first con ...
-
CybersecurityNews
Akira Ransomware Targets Over 250 Organizations, Extracts $42 Million in Ransom Payments – New CISA Report
A new advisory from the Cybersecurity and Infrastructure Security Agency reveals that Akira ransomware has become one of the most active threats targeting businesses worldwide. Since March 2023, this ...
-
CybersecurityNews
Critical FortiWeb WAF Flaw Exploited in the Wild, Enabling Full Admin Takeover
Fortinet has issued an urgent advisory warning of a critical vulnerability in its FortiWeb web application firewall (WAF) product, which attackers are actively exploiting in the wild. Identified as CV ...
-
TheCyberThrone
Critical Fortinet FortiWeb Vulnerability CVE-2025-64446
November 15, 2025On November 14, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) officially added CVE-2025-64446 to its Known Exploited Vulnerabilities (KEV) catalog. This critical v ...
-
Daily CyberSecurity
Symfony Patches PATH_INFO Parsing Flaw Leading to Authorization Bypass (CVE-2025-64500)
The Symfony project has released security updates to address a newly disclosed vulnerability affecting its widely used HTTP Foundation component. Tracked as CVE-2025-64500 and rated CVSS 7.3, the flaw ...
-
Daily CyberSecurity
Cisco Warns of High-Severity Privilege Escalation Flaw (CVE-2025-20341) in Catalyst Center Virtual Appliance
A newly disclosed high-severity vulnerability in the Cisco Catalyst Center Virtual Appliance could allow attackers with low-level access to elevate their privileges to full administrative control, acc ...
-
BleepingComputer
Logitech confirms data breach after Clop extortion attack
Hardware accessory giant Logitech has confirmed it suffered a data breach in a cyberattack claimed by the Clop extortion gang, which conducted Oracle E-Business Suite data theft attacks in July. Logit ...
-
The Register
Fortinet finally cops to critical make-me-admin bug under active exploitation
Fortinet finally published a security advisory on Friday for a critical FortiWeb path traversal vulnerability under active exploitation – but it appears digital intruders got a month's head start. The ...