CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Arbitrary Files to Disk
Ivanti has rolled out security updates for its Endpoint Manager product, addressing three high-severity vulnerabilities that could let authenticated local attackers write arbitrary files anywhere on t ... Read more
-
Help Net Security
CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)
CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the ... Read more
-
BleepingComputer
GlobalLogic warns 10,000 employees of data theft after Oracle breach
GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen in an Oracle E-Business Suite (EBS) ... Read more
-
CybersecurityNews
Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code
Synology has released an urgent security update addressing a critical remote code execution vulnerability in BeeStation OS that allows unauthenticated attackers to execute arbitrary code on affected d ... Read more
-
CybersecurityNews
Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses
A surge in attacks exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calend ... Read more
-
security.nl
Antivirusfunctionaliteit in Gladinet Triofox uitgebuit voor installeren van malware
Google's Mandiant Threat Defense waarschuwt voor een actief uitgebuit lek (CVE-2025-12480) in Gladinet’s Triofox-platform voor bestandsdeling en toegang op afstand. Het gaat om een kritieke kwetsbaa ... Read more
-
CybersecurityNews
Zoom Workplace for Windows Vulnerability Allow Users to Escalate Privilege
A security vulnerability has been discovered in Zoom Workplace VDI Client for Windows that could allow attackers to gain elevated privileges on affected systems. The flaw, tracked as CVE-2025-64740, h ... Read more
-
CybersecurityNews
Devolutions Server Vulnerability Let Attackers Impersonate Users Using Pre-MFA Cookie
A critical vulnerability in Devolutions Server could allow attackers with low-level access to impersonate other user accounts by exploiting how the application handles authentication cookies before mu ... Read more
-
Help Net Security
Attackers exploited another Gladinet Triofox zero-day (CVE-2025-12480)
Attackers have exploited a now-fixed vulnerability (CVE-2025-12480) in the Gladinet Triofox secure file sharing and remote access platform while it was still a zero-day, Mandiant revealed on Monday. C ... Read more
-
security.nl
Kritiek lek in Samsung Galaxy-smartphones toegevoegd aan KEV-database CISA
Het Amerikaanse Cybersecurity & Infrastructure Security Agency (CISA) heeft een kwetsbaarheid in Samsung Galaxy-smartphones toegevoegd aan de Known Exploited Vulnerabilities (KEV)-database met kwetsba ... Read more