CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Exim’s Poisoned Record: How a Failed Patch and SQL Injection Lead to Critical Heap Overflows
A new security advisory has revealed significant cracks in the armor of Exim, one of the world’s most popular mail transfer agents. Andrew Fasano, the Cyber Lead at the National Institute of Standards ...
-
Daily CyberSecurity
Apache NiFi’s Data Leak: How a High-Severity Deserialization Flaw Puts Your Asana Workflows at Risk
The Apache Software Foundation has issued a security advisory for Apache NiFi, the powerful data processing engine used by thousands of enterprises to automate data flow between systems. A high-severi ...
-
Daily CyberSecurity
AI’s Exposed Side Door: Dify Flaw (CVE-2025-63387) Leaks System Configs to Anonymous Users
As the race to build the next generation of AI applications accelerates, a significant security gap has been uncovered in Dify, a popular open-source platform used by developers to create Large Langua ...
-
CybersecurityNews
Cybersecurity Weekly Recap – PornHub Breach, Cisco 0-Day, Amazon Detains DPRK IT Worker, and more
In a week that revealed the flaws in digital trust, cybersecurity headlines were filled with high-profile breaches, zero-day exploits, and bold nation-state espionage. Attackers claimed to have swiped ...
-
Help Net Security
Week in review: Exploited zero-day in Cisco email security appliances, Kali Linux 2025.4 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How researchers are teaching AI agents to ask for permission the right way People are starting to hand ...
-
CybersecurityNews
100+ Cisco Secure Email Devices Exposed to Zero‑Day Exploited in the Wild
Security researchers have identified at least 120 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices vulnerable to a critical zero-day flaw that attackers are actively exploitin ...
-
Daily CyberSecurity
PoC Available: Unauthenticated HPE OneView RCE (CVSS 10.0) Exploits Hidden ID Pools API
Security researchers have detailed a maximum-severity vulnerability in Hewlett Packard Enterprise’s (HPE) OneView software, revealing how a seemingly obscure feature could allow unauthenticated attack ...
-
CybersecurityNews
Hackers Weaponize SVG Files and Office Documents to Target Windows Users
Cybersecurity researchers have uncovered a sophisticated email campaign deploying a commodity loader to distribute Remote Access Trojans and information stealers. The operation primarily targets manuf ...
-
TheCyberThrone
CVE-2025-14733: Critical WatchGuard Firebox RCE Actively Exploited
OverviewCVE-2025-14733 is a critical remote code execution (RCE) vulnerability in WatchGuard Fireware OS that allows unauthenticated attackers to take over Firebox firewall appliances via IKEv2 VPN fu ...
-
The Cyber Express
Sophisticated Attack Campaign Exposes Loader Used by Multiple Threat Actors
Cyble researchers have identified a sophisticated attack campaign that uses obfuscation, a unique User Account Control (UAC) bypass and other stealthy techniques to deliver a unified commodity loader ...