CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Italian spyware vendor linked to Chrome zero-day attacks
A zero-day vulnerability in Google Chrome, exploited in Operation ForumTroll earlier this year, delivered malware linked to Italian spyware vendor Memento Labs, born after IntheCyber Group acquired ...
-
CybersecurityNews
Ubiquiti UniFi Door Access App Vulnerability Exposes API Management Without Authentication
Ubiquiti’s UniFi Access application has been found vulnerable to a critical flaw that leaves its management API exposed without authentication. Discovered by Catchify Security, this issue allows malic ...
-
BleepingComputer
CISA orders feds to patch actively exploited Windows Server WSUS flaw
The Cybersecurity and Infrastructure Security Agency (CISA) ordered U.S. government agencies to patch a critical-severity Windows Server Update Services (WSUS) vulnerability after adding it to its cat ...
-
The Hacker News
⚡ Weekly Recap: WSUS Exploited, LockBit 5.0 Returns, Telegram Backdoor, F5 Breach Widens
Oct 27, 2025Ravie LakshmananCybersecurity / Hacking News Security, trust, and stability — once the pillars of our digital world — are now the tools attackers turn against us. From stolen accounts to ...
-
CybersecurityNews
Hackers Actively Exploiting WordPress Arbitrary Installation Vulnerabilities in The Wild
Threat actors have launched a significant mass exploitation campaign targeting critical vulnerabilities in two popular WordPress plugins, GutenKit and Hunk Companion, affecting hundreds of thousands o ...
-
The Cyber Express
New BIND 9 Security Flaw (CVE-2025-40778) Threatens Global DNS Infrastructure
A newly disclosed security flaw has put more than 706,000 BIND 9 DNS resolvers worldwide at risk of cache poisoning attacks, according to an advisory published by the Internet Systems Consortium (ISC) ...
-
CybersecurityNews
Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group
The notorious Mem3nt0 mori hacker group has been actively exploiting a zero-day vulnerability in Google Chrome, compromising high-profile targets across Russia and Belarus. Dubbed CVE-2025-2783, this ...
-
security.nl
Google Chrome-gebruikers via link in phishingmail geïnfecteerd met spyware
Gebruikers van Google Chrome zijn eerder dit jaar het doelwit van een aanval geworden waarbij alleen het klikken op een malafide link in een phishingmail voldoende was om met spyware geïnfecteerd te r ...
-
CybersecurityNews
HashiCorp Vault Vulnerabilities Let Attack Bypass Authentication And Trigger DoS Attack
HashiCorp has disclosed two critical vulnerabilities in its Vault software that could allow attackers to bypass authentication controls and launch denial-of-service (DoS) attacks. Published on October ...
-
security.nl
NCSC verwacht misbruik van kwetsbaarheden in dns-software BIND 9
Het Nationaal Cyber Security Centrum (NCSC) verwacht dat aanvallers misbruik zullen maken van verschillende kwetsbaarheden in dns-serversoftware BIND 9, waardoor cache-poisoning mogelijk is en gebruik ...