CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CrowdStrike.com
CrowdStrike Named Overall Leader in 2025 KuppingerCole ITDR Leadership Compass
KuppingerCole recognizes CrowdStrike as the Overall Leader, achieving the top position in every evaluated category in its 2025 identity security report. CrowdStrike has been named the Overall Leader i ... Read more
-
BleepingComputer
SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor
SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code ... Read more
-
CybersecurityNews
Ivanti Endpoint Manager Vulnerabilities Let Attackers Write Arbitrary Files to Disk
Ivanti has rolled out security updates for its Endpoint Manager product, addressing three high-severity vulnerabilities that could let authenticated local attackers write arbitrary files anywhere on t ... Read more
-
Help Net Security
CISA: Patch Samsung flaw exploited to deliver spyware (CVE-2025-21042)
CISA has added CVE-2025-21042, a vulnerability affecting Samsung mobile devices, to its Known Exploited Vulnerabilities (KEV) catalog, and has ordered US federal civilian agencies to address it by the ... Read more
-
BleepingComputer
GlobalLogic warns 10,000 employees of data theft after Oracle breach
GlobalLogic, a provider of digital engineering services part of the Hitachi group, is notifying over 10,000 current and former employees that their data was stolen in an Oracle E-Business Suite (EBS) ... Read more
-
CybersecurityNews
Synology BeeStation 0-Day Vulnerability Let Remote Attackers Execute Arbitrary Code
Synology has released an urgent security update addressing a critical remote code execution vulnerability in BeeStation OS that allows unauthenticated attackers to execute arbitrary code on affected d ... Read more
-
CybersecurityNews
Hackers Weaponizing Calendar Files as New Attack Vector Bypassing Traditional Email Defenses
A surge in attacks exploiting iCalendar (.ics) files as a sophisticated threat vector that bypasses traditional email security defenses. These attacks leverage the trusted, plain-text nature of calend ... Read more
-
security.nl
Antivirusfunctionaliteit in Gladinet Triofox uitgebuit voor installeren van malware
Google's Mandiant Threat Defense waarschuwt voor een actief uitgebuit lek (CVE-2025-12480) in Gladinet’s Triofox-platform voor bestandsdeling en toegang op afstand. Het gaat om een kritieke kwetsbaa ... Read more
-
CybersecurityNews
Zoom Workplace for Windows Vulnerability Allow Users to Escalate Privilege
A security vulnerability has been discovered in Zoom Workplace VDI Client for Windows that could allow attackers to gain elevated privileges on affected systems. The flaw, tracked as CVE-2025-64740, h ... Read more