CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in Asseco Poland mMedica software
Vulnerability in Asseco Poland mMedica software CVE ID CVE-2025-9313 Publication date 28 October 2025 Vendor Asseco Poland S.A. Product mMedica Vulnerable versions All before 11.9.5 Vulnerability type ...
-
hackread.com
Mass Attack Targets WordPress via GutenKit and Hunk Companion Plugins
Mass exploitation attacks are once again targeting WordPress websites, this time through serious vulnerabilities in two popular plugins, GutenKit and Hunk Companion. Cybersecurity researchers say the ...
-
The Hacker News
Chrome Zero-Day Exploited to Deliver Italian Memento Labs' LeetAgent Spyware
The zero-day exploitation of a now-patched security flaw in Google Chrome led to the distribution of an espionage-related tool from Italian information technology and services provider Memento Labs, a ...
-
CybersecurityNews
CISA Warns Of Critical Veeder-Root Vulnerabilities Let Attackers Execute System-level Commands
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark advisory highlighting two severe vulnerabilities in Veeder-Root’s TLS4B Automatic Tank Gauge System, a critical tool ...
-
CybersecurityNews
OpenVPN Vulnerability Exposes Linux, macOS Systems to Script Injection Attacks
A new vulnerability in early versions of OpenVPN has been disclosed, potentially allowing malicious servers to execute arbitrary commands on client machines. The flaw affects OpenVPN releases from 2.7 ...
-
Daily CyberSecurity
Critical .NET Flaw (CVE-2025-55315) in QNAP: NAS Backup Utility Vulnerable to Credential Theft
Earlier, Microsoft released a security update to address a critical vulnerability in ASP.NET, identified as CVE-2025-55315 with a CVSS score of 9.8. At the time, the .NET team noted that the actual se ...
-
Daily CyberSecurity
Microsoft Teams Will Auto-Track Office Location via Wi-Fi
Microsoft’s collaborative workspace platform Microsoft Teams, widely used by enterprises and professional teams, is set to receive a notable new feature this December, according to the latest roadmap ...
-
Daily CyberSecurity
Values Over Cash: Python Foundation Rejects $1.5M US Grant Over Anti-DEI Clause
In January 2025, the Python Software Foundation (PSF) submitted a proposal to the U.S. National Science Foundation (NSF) under the Open Source Ecosystem Security, Safety, and Privacy initiative, aimin ...
-
Daily CyberSecurity
Kaspersky Exposes Chrome Zero-Day RCE (CVE-2025-2783) Delivering Memento Labs Spyware in ForumTroll Campaign
Researchers at Kaspersky uncovered a sophisticated espionage campaign exploiting a zero-day vulnerability in Google Chrome and delivering commercial spyware linked to the Italian company Memento Labs ...
-
Daily CyberSecurity
High-Severity OpenVPN Flaw (CVE-2025-10680) Allows Script Injection on Linux/macOS via Malicious DNS Server
Security researchers have disclosed a high-severity vulnerability, tracked as CVE-2025-10680 (CVSS 8.8), affecting OpenVPN 2.7_alpha1 through 2.7_beta1 releases. The flaw exposes Unix-like systems to ...