CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
New FortiWeb 0-Day Command Injection Vulnerability Exploited in the Wild
Fortinet has released an urgent security advisory addressing a newly discovered zero-day vulnerability, CVE-2025-58034, in its FortiWeb web application firewall platform, after evidence emerged of act ... Read more
-
The Hacker News
Fortinet Warns of New FortiWeb CVE-2025-58034 Vulnerability Exploited in the Wild
Nov 19, 2025Ravie LakshmananVulnerability / Network Security Fortinet has warned of a new security flaw in FortiWeb that it said has been exploited in the wild. The medium-severity vulnerability, tr ... Read more
-
Daily CyberSecurity
CISA KEV Alert: FortiWeb RCE Flaw (CVE-2025-58034) Under Active Exploitation for Command Injection
Fortinet has issued an urgent advisory warning customers that a newly disclosed vulnerability in FortiWeb, tracked as CVE-2025-58034, is being actively exploited in the wild, prompting the U.S. Cybers ... Read more
-
Daily CyberSecurity
AI-Generated Malware Attacks 230,000 Exposed Ray AI Clusters in Massive ShadowRay 2.0 Botnet Campaign
Security researchers at Oligo Security have uncovered a massive, fast-evolving cyberattack campaign hijacking exposed Ray AI clusters worldwide through the long-standing ShadowRay vulnerability (CVE-2 ... Read more
-
Daily CyberSecurity
D-Link DIR-878 Reaches EOL: 3 Unpatched RCE Flaws Allow Unauthenticated Remote Command Execution
D-Link has issued a security advisory warning users of the DIR-878 router series that multiple newly disclosed vulnerabilities—including three unauthenticated remote command execution flaws—will not b ... Read more
-
Daily CyberSecurity
Critical METZ CONNECT Flaws (CVSS 9.8) Allow Unauthenticated RCE and Admin Takeover on Industrial Controllers
METZ CONNECT GmbH, in coordination with CERT@VDE, has issued an urgent security advisory warning of multiple critical vulnerabilities affecting its EWIO-2 series, including Energy-Controlling EWIO2-M, ... Read more
-
Daily CyberSecurity
9 Million Installs: Malicious Chrome VPN Extensions Hijack User Traffic Via Remote PAC Proxy Injection
One of the Malicious ‘Free Unlimited VPN’ in store | Image: LayerX Security researchers at LayerX Security have uncovered a long-running malicious campaign involving VPN and ad-blocking browser extens ... Read more
-
Daily CyberSecurity
Critical SolarWinds Serv-U Flaws (CVSS 9.1) Allow Authenticated Admin RCE and Path Bypass
SolarWinds has released security updates addressing three critical vulnerabilities in Serv-U—its managed file transfer and FTP server platform—each carrying a CVSS score of 9.1 and enabling remote cod ... Read more
-
CrowdStrike.com
CrowdStrike Named Overall Leader in 2025 KuppingerCole ITDR Leadership Compass
KuppingerCole recognizes CrowdStrike as the Overall Leader, achieving the top position in every evaluated category in its 2025 identity security report. CrowdStrike has been named the Overall Leader i ... Read more
-
CrowdStrike.com
November 2025 Patch Tuesday: One Zero-Day and Five Critical Vulnerabilities Among 63 CVEs
Microsoft has addressed 63 vulnerabilities in its November 2025 security update release, almost one third from October's record-breaking 172 patches. This month's updates address one actively exploite ... Read more