CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
ZERO-DAY ATTACK WARNING: Fortinet FortiWeb Exploit Grants Unauthenticated Admin Access!
Cybersecurity firms are sounding the alarm over a critical vulnerability in Fortinet FortiWeb, the company’s Web Application Firewall (WAF) product. The flaw, which has been observed actively exploite ... Read more
-
CybersecurityNews
FortiWeb Authentication Bypass Vulnerability Exploited – Script to Detect Vulnerable Appliances
Threat actors are actively exploiting a critical authentication bypass vulnerability in Fortinet’s FortiWeb web application firewall (WAF) worldwide, prompting defenders to heighten vigilance. Researc ... Read more
-
Daily CyberSecurity
Critical ASUS DSL Router Flaw (CVE-2025-59367, CVSS 9.3) Allows Unauthenticated Remote Access
ASUS has released an urgent security advisory addressing a critical authentication bypass vulnerability affecting several models in its DSL Series Router lineup. The flaw, tracked as CVE-2025-59367 wi ... Read more
-
seclists.org
Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
Full Disclosure mailing list archives From: Patrick via Fulldisclosure <fulldisclosure () seclists org> Date: Fri, 07 Nov 2025 15:27:43 +0000 Hello Jan, You are completely right and it’s something I w ... Read more
-
seclists.org
APPLE-SA-11-13-2025-1 Compressor 4.11.1
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Thu, 13 Nov 2025 12:57:50 -0800 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ... Read more
-
seclists.org
Re: 83 vulnerabilities in Vasion Print / PrinterLogic
Full Disclosure mailing list archives From: Pierre Kim <pierre.kim.sec () gmail com> Date: Tue, 11 Nov 2025 10:28:50 -0500 Hello, VulnCheck has assigned the following CVEs to the previously disclosed ... Read more
-
Daily CyberSecurity
High-Severity NVIDIA NeMo Framework Flaws Allow Code Injection and Privilege Escalation in AI Pipelines
NVIDIA has released an important security update for its NeMo Framework, addressing two high-severity vulnerabilities that expose AI developers and machine-learning pipelines to risks including arbitr ... Read more
-
Daily CyberSecurity
Amazon Exposes Advanced APT Exploiting Cisco ISE (RCE) and Citrix Bleed Two as Simultaneous Zero-Days
The Amazon Threat Intelligence team has uncovered a highly sophisticated threat campaign exploiting multiple zero-day vulnerabilities in Cisco Identity Services Engine (ISE) and Citrix systems, demons ... Read more
-
Daily CyberSecurity
Critical Zoho Analytics Plus Flaw (CVE-2025-8324, CVSS 9.8) Allows Unauthenticated SQL Injection and Data Takeover
Zoho Corporation has released an urgent security advisory addressing a critical severity SQL injection vulnerability affecting Analytics Plus on-premise installations. Tracked as CVE-2025-8324 with a ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more