CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Hackers Exploiting XWiki Vulnerability in the Wild to Hire the Servers for Botnet
A sharp increase in attacks targeting a critical vulnerability in XWiki servers. Multiple threat actors are actively exploiting CVE-2025-24893 to deploy botnets and coin miners, and to establish unaut ... Read more
-
CrowdStrike.com
CrowdStrike Named Overall Leader in 2025 KuppingerCole ITDR Leadership Compass
KuppingerCole recognizes CrowdStrike as the Overall Leader, achieving the top position in every evaluated category in its 2025 identity security report. CrowdStrike has been named the Overall Leader i ... Read more
-
CrowdStrike.com
November 2025 Patch Tuesday: One Zero-Day and Five Critical Vulnerabilities Among 63 CVEs
Microsoft has addressed 63 vulnerabilities in its November 2025 security update release, almost one third from October's record-breaking 172 patches. This month's updates address one actively exploite ... Read more
-
The Hacker News
Rust Adoption Drives Android Memory Safety Bugs Below 20% for First Time
Nov 17, 2025Ravie LakshmananVulnerability / Mobile Security Google has disclosed that the company's continued adoption of the Rust programming language in Android has resulted in the number of memor ... Read more
-
Daily CyberSecurity
End of an Era: Apple Has Reportedly Cancelled the Mac Pro Lineup
According to a report by Bloomberg journalist Mark Gurman, Apple appears to have abandoned the Mac Pro. The company’s most powerful workstation—last refreshed in 2023 with the M2 Ultra chip—now seems ... Read more
-
Daily CyberSecurity
Critical pgAdmin Flaws (CVE-2025-12762, CVSS 9.1) Allow Remote Code Execution via PostgreSQL Dump Files
The pgAdmin development team has issued patches addressing four newly disclosed security vulnerabilities impacting pgAdmin versions up to 9.9, including a critical Remote Code Execution (RCE) flaw tha ... Read more
-
Daily CyberSecurity
High-Severity Memos Flaw (CVE-2024-21635) Allows Hackers to Stay Logged In After Password Change
The team behind Memos, the privacy-first, self-hosted knowledge base platform, has issued a security advisory for CVE-2024-21635, a session-management flaw that could allow attackers to maintain acces ... Read more
-
Daily CyberSecurity
Critical IBM AIX RCE (CVE-2025-36250, CVSS 10.0) Flaw Exposes NIM Private Keys and Risks Directory Traversal
IBM has released a new security bulletin addressing multiple high-severity vulnerabilities affecting AIX 7.2, AIX 7.3, and VIOS 3.1/4.1, including flaws that could allow remote attackers to execute ar ... Read more
-
Daily CyberSecurity
Record Supply Chain Attack: 150,000+ Malicious npm Packages Flooded Registry for Token Farming Rewards
In one of the largest open-source supply chain incidents ever recorded, Amazon Inspector security researchers have uncovered over 150,000 malicious npm packages linked to a coordinated tea.xyz token f ... Read more
-
Daily CyberSecurity
CISA Warns: Critical Lynx+ Gateway Flaw (CVSS 10.0) Allows Unauthenticated Remote Reset; Vendor Non-Responsive
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory detailing multiple high-severity vulnerabilities affecting the Lynx+ Gateway manufactured by General Industri ... Read more