CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Palo Alto Networks GlobalProtect Vulnerability Allows Root User Privilege Escalation
Palo Alto Networks has disclosed a critical security vulnerability in its GlobalProtect VPN application that enables locally authenticated users to escalate their privileges to root access on macOS an ...
-
BleepingComputer
PerfektBlue Bluetooth flaws impact Mercedes, Volkswagen, Skoda cars
Four vulnerabilities dubbed PerfektBlue and affecting the BlueSDK Bluetooth stack from OpenSynergy can be exploited to achieve remote code execution and potentially allow access to critical elements i ...
-
CybersecurityNews
ServiceNow Platform Vulnerability Let Attackers Exfiltrate Sensitive Data
A significant vulnerability in ServiceNow’s platform, designated CVE-2025-3648 and dubbed “Count(er) Strike,” enables attackers to exfiltrate sensitive data, including PII, credentials, and financial ...
-
CybersecurityNews
Critical Linux Kernel’ Double Free Vulnerability Let Attackers Escalate Privileges
A severe double-free vulnerability has been discovered in the Linux kernel’s NFT (netfilter) subsystem, specifically within the pipapo set module. This critical security flaw allows unprivileged attac ...
-
CybersecurityNews
GitLab Vulnerabilities Let Attackers Execute Actions by Injecting Malicious Content
GitLab has released critical security patches across multiple versions to address several high-severity vulnerabilities that could allow attackers to execute unauthorized actions through malicious con ...
-
CybersecurityNews
Critical Ruckus Wireless Vulnerabilities Exposes Enterprise Wireless Networks
Multiple critical vulnerabilities have been discovered in Ruckus Wireless management products, specifically Virtual SmartZone (vSZ) and Network Director (RND), potentially allowing complete compromise ...
-
CybersecurityNews
Hackers Exploiting GeoServer RCE Vulnerability to Deploy CoinMiner
A critical remote code execution vulnerability in GeoServer has become a prime target for cybercriminals deploying cryptocurrency mining malware across global networks. The vulnerability, designated C ...
-
Help Net Security
Ruckus network management solutions riddled with unpatched vulnerabilities
Claroty researcher Noam Moshe has discovered serious vulnerabilities in two Ruckus Networks (formerly Ruckus Wireless) products that may allow attackers to compromise the environments managed by the a ...
-
CybersecurityNews
Critical mcp-remote Vulnerability Exposes LLM Clients to Remote Code Execution Attacks
A critical vulnerability CVE-2025-6514 with a CVSS score of 9.6 affecting the mcp-remote project allows attackers to achieve arbitrary operating system command execution on machines running mcp-remote ...
-
CybersecurityNews
New PerfektBlue Attack Exposes Millions of Cars to Remote Hacking
A new and critical security threat, PerfektBlue, has emerged, targeting OpenSynergy’s BlueSDK Bluetooth framework and posing an unprecedented risk to the automotive industry. This sophisticated attack ...