CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own
QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition. The flaws impact QNAP ... Read more
-
BleepingComputer
New LandFall spyware exploited Samsung zero-day via WhatsApp messages
A threat actor exploited a zero-day vulnerability in Samsung’s Android image processing library to deploy a previously unknown spyware called 'LandFall' using malicious images sent over WhatsApp. The ... Read more
-
The Hacker News
Samsung Zero-Click Flaw Exploited to Deploy LANDFALL Android Spyware via WhatsApp
Nov 07, 2025Ravie LakshmananMobile Security / Vulnerability A now-patched security flaw in Samsung Galaxy Android devices was exploited as a zero-day to deliver a "commercial-grade" Android spyware ... Read more
-
The Hacker News
From Log4j to IIS, China’s Hackers Turn Legacy Bugs into Global Espionage Tools
A China-linked threat actor has been attributed to a cyber attack targeting an U.S. non-profit organization with an aim to establish long-term persistence, as part of broader activity aimed at U.S. en ... Read more
-
BleepingComputer
Cisco: Actively exploited firewall flaws now abused for DoS attacks
Cisco warned this week that two vulnerabilities, which have been used in zero-day attacks, are now being exploited to force ASA and FTD firewalls into reboot loops. The tech giant released security up ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
The Cyber Express
Cisco Issues Critical Warning Over New Unified Contact Center Express Vulnerabilities
Cisco has issued an urgent security advisory detailing two critical vulnerabilities affecting its Unified Contact Center Express (Unified CCX) platform. The flaws, identified as CVE-2025-20354 and CVE ... Read more
-
seclists.org
Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: Joseph Goydish II via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 30 Oct 2025 11:07:04 +0000 Hey Patrick, I understand the doubt. However… wh ... Read more
-
seclists.org
Re: : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: Jan Schermer <jan () schermer cz> Date: Thu, 30 Oct 2025 12:14:47 +0100 I looked at few repos and posts of "Joseph Goydish". It all seems to be thinly veile ... Read more
-
seclists.org
runc container breakouts via procfs writes: CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881
Full Disclosure mailing list archives From: Aleksa Sarai via Fulldisclosure <fulldisclosure () seclists org> Date: Wed, 5 Nov 2025 20:53:08 +1100 | NOTE: This advisory was sent to <security-announce ( ... Read more