CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
[SBA-ADV-20250729-01] CVE-2025-39663: Checkmk Cross Site Scripting
Full Disclosure mailing list archives From: SBA Research Security Advisory via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 30 Oct 2025 09:16:25 +0000 -----BEGIN PGP SIGNED MESSAGE----- ... Read more
-
The Cyber Express
Critical CVE-2025-12779 Vulnerability Exposes Amazon WorkSpaces for Linux Users to Token Theft
A newly disclosed security flaw in the Amazon WorkSpaces client for Linux has raised serious concerns across organizations relying on AWS virtual desktop infrastructure. The vulnerability, identified ... Read more
-
security.nl
Samsung Galaxy-telefoons via kritiek lek geïnfecteerd met Android-spyware
Aanvallers hebben een kritieke kwetsbaarheid gebruikt om Samsung Galaxy-telefoons op afstand met Android-spyware te infecteren. Misbruik vond geruime tijd plaats voordat een beveiligingsupdate beschik ... Read more
-
CybersecurityNews
Chinese Hackers Organization Influence U.S. Government Policy on International Issues
China-linked threat actors have intensified their focus on influencing American governmental decision-making processes by targeting organizations involved in shaping international policy. In April 202 ... Read more
-
CybersecurityNews
Amazon WorkSpaces For Linux Vulnerability Let Attackers Extract Valid Authentication Token
Amazon has disclosed a significant security vulnerability in its WorkSpaces client for Linux that could allow unauthorized users to extract valid authentication tokens and gain unauthorized access to ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
Help Net Security
November 2025 Patch Tuesday forecast: Windows Exchange Server EOL?
October 2025 Patch Tuesday was one for the record books in so many ways. There was a big push by Microsoft to fix as many open vulnerabilities as possible in products that were reaching end-of-life (E ... Read more
-
TheCyberThrone
Australian Signals Directorate Warns of Attacks Exploiting Cisco Vulnerability
November 7, 2025The Australian Signals Directorate (ASD) recently issued a high-severity alert about an ongoing cyber attack campaign exploiting a critical vulnerability in Cisco IOS XE devices, track ... Read more
-
CybersecurityNews
NVIDIA NVApp for Windows Vulnerability Let Attackers Execute Malicious Code
NVIDIA has patched a critical vulnerability in its App for Windows that could allow local attackers to execute arbitrary code and escalate privileges on affected systems. Tracked as CVE-2025-23358, th ... Read more
-
CybersecurityNews
Cisco Identity Services Engine Vulnerability Allows Attackers to Restart ISE Unexpectedly
A critical vulnerability in Cisco Identity Services Engine (ISE) could allow remote attackers to crash the system through a crafted sequence of RADIUS requests. The flaw CVE-2024-20399, lies in how IS ... Read more