CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Two sslh Flaws Disclosed: Remote DoS Attacks Possible via Protocol Multiplexer
In June 2025, the SUSE Security Team disclosed critical vulnerabilities in sslh, a lightweight protocol multiplexer used to serve multiple services—such as SSH and HTTPS—on the same port. Though desig ...
-
Daily CyberSecurity
Apache Tomcat Patches 4 Flaws: DoS, Privilege Bypass, & Installer Risks Addressed
The Apache Software Foundation has disclosed four security vulnerabilities affecting multiple versions of Apache Tomcat, the widely used open-source Java servlet container. These flaws—ranging from de ...
-
Daily CyberSecurity
Zero-Click to Root: CISA Flags Active Exploits in Apple iOS and TP-Link Routers
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two high-risk vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, citing confirmed in-the-wild exploitation ...
-
Daily CyberSecurity
OneLogin AD Connector Flaw Exposes Credentials & Allows Account Impersonation
Image: SpecterOps A recent investigation by SpecterOps has uncovered a chain of critical vulnerabilities in OneLogin’s Active Directory (AD) Connector service that enabled attackers to impersonate use ...
-
Daily CyberSecurity
PoCGen: AI Tool Automates Exploit Generation for npm Vulnerabilities with LLMs
A tool named PoCGen is revolutionizing how the security community generates Proof-of-Concept (PoC) exploits for vulnerabilities in the npm ecosystem. Developed by researchers Deniz Simsek, Aryaz Eghba ...
-
Daily CyberSecurity
Zyxel Firewalls Under Attack via Critical CVE-2023-28771
A sudden and coordinated wave of exploit attempts targeting a critical vulnerability in Zyxel firewalls has been detected. The attack centers around CVE-2023-28771, a high-severity remote code executi ...
-
Trend Micro
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
Summary: Trend™ Research has identified an active campaign exploiting CVE-2025-3248 to deliver the Flodrix botnet. Attackers use the vulnerability to execute downloader scripts on compromised Langflow ...
-
Daily CyberSecurity
Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet
Trend Micro has uncovered an active and sophisticated campaign exploiting a critical remote code execution (RCE) vulnerability in Langflow, a popular open-source framework for building AI applications ...
-
AttackIQ
Response to CISA Advisory (AA25-163A): Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider
On June 12, 2025, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) released a Cyber Security Advisory (CSA) which highlights ransomware actors exploiting vulnerabilities in the SimpleHel ...
-
databreaches.net
Copilot AI Bug Could Leak Sensitive Data via Email Prompts
Rashmi Ramesh reports: A well-phrased email was all an attacker would have needed to trick Microsoft Copilot into handing over sensitive data until the operating system giant patched the vulnerability ...