CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Attackers turned Citrix, Cisco 0-day exploits into custom-malware hellscape
An "advanced" attacker exploited CitrixBleed 2 and a max-severity Cisco Identity Services Engine (ISE) bug as zero-days to deploy custom malware, according to Amazon Chief Information Security Officer ... Read more
-
Kaspersky
CVE-2024-12649: vulnerability in the Canon TTF interpreter
These days, attackers probing an organization’s infrastructure rarely come across the luxury of a workstation without an EDR agent, so malicious actors are focusing on compromising servers, or various ... Read more
-
CybersecurityNews
Beware of Malicious Steam Cleanup Tool Attack Windows Machines to Deploy Backdoor Malware
A sophisticated backdoor malware campaign has emerged targeting Windows users through a weaponized version of SteamCleaner, a legitimate open-source utility designed to clean junk files from the Steam ... Read more
-
CybersecurityNews
Multiple Apache OpenOffice Vulnerabilities Leads to Memory Corruption and Unauthorized Content Loading
Apache OpenOffice has released version 4.1.16, addressing seven critical security vulnerabilities that enable unauthorized remote document loading and memory corruption attacks. These flaws represent ... Read more
-
CybersecurityNews
GitHub Copilot and Visual Studio Vulnerabilities Allow Attacker to Bypass Security Feature
Microsoft has disclosed two critical security vulnerabilities in GitHub Copilot and Visual Studio that could allow attackers to bypass essential security features. Both vulnerabilities were released o ... Read more
-
CybersecurityNews
Hackers Actively Exploiting Cisco and Citrix 0-Days in the Wild to Deploy Webshell
An advanced hacking group is actively exploiting zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems. These attacks, spotted in real-world operations, allow hackers to ... Read more
-
security.nl
Synology dicht kritiek lek in BeeStation OS
Synology heeft een kwetsbaarheid in BeeStation OS verholpen die aanvallers de mogelijkheid biedt op afstand willekeurige code uit te voeren. Het gaat om CVE-2025-12686, een lek dat in oktober werd ont ... Read more
-
BleepingComputer
Hackers exploited Citrix, Cisco ISE flaws in zero-day attacks
An advanced threat actor exploited the critical vulnerabilities “Citrix Bleed 2" (CVE-2025-5777) in NetScaler ADC and Gateway, and CVE-2025-20337 affecting Cisco Identity Service Engine (ISE) as zero- ... Read more
-
The Hacker News
Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws
Nov 12, 2025Ravie LakshmananNetwork Security / Zero-Day Amazon's threat intelligence team on Wednesday disclosed that it observed an advanced threat actor exploiting two then-zero-day security flaws ... Read more
-
CybersecurityNews
APT-C-08 Hackers Exploiting WinRAR Vulnerability to Attack Government Organizations
The advanced persistent threat group APT-C-08, also known as Manlinghua or BITTER, has launched a sophisticated campaign targeting government organizations across South Asia by exploiting a critical d ... Read more