CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CybersecurityNews
Cisco Warns of Hackers Actively Exploiting ASA and FTD 0-day RCE Vulnerability in the Wild
Cisco has confirmed that threat actors are actively exploiting a critical remote code execution (RCE) flaw in its Secure Firewall Adaptive Security Appliance (ASA) and Threat Defense (FTD) software. F ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
CybersecurityNews
CISA Warns of Gladinet CentreStack and Triofox Files Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency has issued a critical warning regarding a newly identified vulnerability affecting Gladinet CentreStack and Triofox platforms. The flaw, tracked as ... Read more
-
CybersecurityNews
Chrome Emergency Update to Patch Multiple Vulnerabilities that Enable Remote Code Execution
Google has rolled out an urgent security patch for its Chrome browser, addressing five vulnerabilities that could enable attackers to execute malicious code remotely. The update, version 142.0.7444.13 ... Read more
-
Daily CyberSecurity
Critical Cisco CCX RCE Flaws (CVSS 9.8) Allow Unauthenticated Root Access via Java RMI and CCX Editor
Cisco has released urgent security updates to address two critical vulnerabilities in its Unified Contact Center Express (Unified CCX) software, which could allow unauthenticated remote attackers to e ... Read more
-
Daily CyberSecurity
Django Team Patches High-Severity SQL Injection Flaw (CVE-2025-64459) and DoS Bug (CVE-2025-64458) in Latest Security Update
The Django Software Foundation (DSF) has released new security updates for multiple branches of the Django web framework, addressing two vulnerabilities — including a high-severity SQL injection flaw ... Read more
-
Daily CyberSecurity
CISA Warns: Critical VizAir Flaws (CVSS 10.0) Expose Airport Weather Systems to Unauthenticated Manipulation
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory detailing three vulnerabilities in the Radiometrics VizAir aviation weather monitoring system, warning that e ... Read more
-
Daily CyberSecurity
Curly COMrades APT Bypasses EDR by Hiding Linux Backdoor Inside Covert Hyper-V VM
In collaboration with the Georgian CERT, researchers from Bitdefender have uncovered a new wave of cyber-espionage activity conducted by a Russian-aligned threat group known as Curly COMrades, which l ... Read more
-
Daily CyberSecurity
High-Severity NVIDIA App Flaw (CVE-2025-23358) Allows Local Privilege Escalation on Windows
NVIDIA has released an important software security update for the NVIDIA App on Windows systems, addressing a high-severity local privilege escalation vulnerability (CVE-2025-23358) that could allow a ... Read more