CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
Fortinet bevestigt actief misbruik van path traversal-lek in FortiWeb-firewall
Na berichtgeving door verschillende securitybedrijven heeft ook Fortinet nu bevestigd dat aanvallers actief misbruik maken van een path traversal-lek in de FortiWeb web application firewall (WAF). Het ...
-
CybersecurityNews
Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet
A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to establish unaut ...
-
The Hacker News
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Nov 17, 2025Ravie LakshmananVulnerability / Mobile Security Google has disclosed that the company's continued adoption of the Rust programming language in Android has resulted in the number of memor ...
-
Daily CyberSecurity
End of an Era: Apple Has Reportedly Cancelled the Mac Pro Lineup
According to a report by Bloomberg journalist Mark Gurman, Apple appears to have abandoned the Mac Pro. The company’s most powerful workstation—last refreshed in 2023 with the M2 Ultra chip—now seems ...
-
Daily CyberSecurity
Critical pgAdmin Flaws (CVE-2025-12762, CVSS 9.1) Allow Remote Code Execution via PostgreSQL Dump Files
The pgAdmin development team has issued patches addressing four newly disclosed security vulnerabilities impacting pgAdmin versions up to 9.9, including a critical Remote Code Execution (RCE) flaw tha ...
-
Daily CyberSecurity
High-Severity Memos Flaw (CVE-2024-21635) Allows Hackers to Stay Logged In After Password Change
The team behind Memos, the privacy-first, self-hosted knowledge base platform, has issued a security advisory for CVE-2024-21635, a session-management flaw that could allow attackers to maintain acces ...
-
Daily CyberSecurity
Critical IBM AIX RCE (CVE-2025-36250, CVSS 10.0) Flaw Exposes NIM Private Keys and Risks Directory Traversal
IBM has released a new security bulletin addressing multiple high-severity vulnerabilities affecting AIX 7.2, AIX 7.3, and VIOS 3.1/4.1, including flaws that could allow remote attackers to execute ar ...
-
Daily CyberSecurity
Record Supply Chain Attack: 150,000+ Malicious npm Packages Flooded Registry for Token Farming Rewards
In one of the largest open-source supply chain incidents ever recorded, Amazon Inspector security researchers have uncovered over 150,000 malicious npm packages linked to a coordinated tea.xyz token f ...
-
Daily CyberSecurity
CISA Warns: Critical Lynx+ Gateway Flaw (CVSS 10.0) Allows Unauthenticated Remote Reset; Vendor Non-Responsive
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory detailing multiple high-severity vulnerabilities affecting the Lynx+ Gateway manufactured by General Industri ...
-
Daily CyberSecurity
Phishing-as-a-Service Uncovered: Automated Kit Impersonates Aruba S.p.A. to Steal Credentials and Credit Cards
A new report from Group-IB exposes a highly automated phishing framework engineered to impersonate Italian IT and web-services giant Aruba S.p.A., a company serving more than 5.4 million customers and ...