CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
The Hacker News
Researchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT Firewalls
Aug 11, 2025Ravie LakshmananVulnerability / Network Security Malicious actors have been observed exploiting a now-patched critical security flaw impacting Erlang/Open Telecom Platform (OTP) SSH as e ... Read more
-
security.nl
Google beloont onderzoeker met 250.000 dollar voor melden van Chrome-lek
Google heeft een beveiligingsonderzoeker voor een kwetsbaarheid in Chrome een beloning van 250.000 dollar uitgekeerd. Het is één van de hoogste bug bounties die het techbedrijf ooit heeft uitgeloofd. ... Read more
-
cert.pl
TCC Bypass vulnerability in GIMP application for MacOS
TCC Bypass vulnerability in GIMP application for MacOS CVE ID CVE-2025-8672 Publication date 11 August 2025 Vendor GIMP Product GIMP Vulnerable versions All before 3.1.4.2 Vulnerability type (CWE) Inc ... Read more
-
CybersecurityNews
Hackers Weaponized Linux Webcams as Attack Tools to Inject Keystrokes and Launch Attacks
A critical vulnerability was uncovered that transforms ordinary Linux-powered webcams into weaponized BadUSB attack tools, enabling remote hackers to inject malicious keystrokes and compromise target ... Read more
-
CrowdStrike.com
CrowdStrike Falcon Prevents Supply Chain Attack Involving Compromised NPM Packages
Recently, five popular NPM (Node Package Manager) packages were compromised and modified to deliver a malicious DLL, dubbed “Scavenger”. The malware pushed via these compromised NPM packages executes ... Read more
-
Help Net Security
Win-DDoS: Attackers can turn public domain controllers into DDoS agents
SafeBreach researchers have released details on several vulnerabilities that could be exploited by attackers to crash Windows Active Directory domain controllers (DCs), one one of which (CVE-2025-3272 ... Read more
-
Kaspersky
How to implement a blameless approach to cybersecurity | Kaspersky official blog
Even companies with a mature cybersecurity posture and significant investments into data protection aren’t immune to cyber-incidents. Attackers can exploit zero-day vulnerabilities or compromise a sup ... Read more
-
DataBreaches.Net
7-Zip Vulnerability Lets Hackers Write Files and Run Malicious Code
Divya reports: A security vulnerability has been discovered in the popular 7-Zip file compression utility that could allow attackers to write arbitrary files to victim systems and potentially execute ... Read more
-
security.nl
'Europese bedrijven sinds 18 juli aangevallen via WinRAR-kwetsbaarheid'
Europese bedrijven, waaronder in de financiële, productie, defensie en logistieke sectoren, zijn sinds 18 juli aangevallen via een kwetsbaarheid in de populaire archiveringssoftware WinRAR. Op het mom ... Read more