CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Trend Micro
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
Summary: Trend™ Research has identified an active campaign exploiting CVE-2025-3248 to deliver the Flodrix botnet. Attackers use the vulnerability to execute downloader scripts on compromised Langflow ...
-
Daily CyberSecurity
Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet
Trend Micro has uncovered an active and sophisticated campaign exploiting a critical remote code execution (RCE) vulnerability in Langflow, a popular open-source framework for building AI applications ...
-
AttackIQ
Response to CISA Advisory (AA25-163A): Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider
On June 12, 2025, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) released a Cyber Security Advisory (CSA) which highlights ransomware actors exploiting vulnerabilities in the SimpleHel ...
-
databreaches.net
Copilot AI Bug Could Leak Sensitive Data via Email Prompts
Rashmi Ramesh reports: A well-phrased email was all an attacker would have needed to trick Microsoft Copilot into handing over sensitive data until the operating system giant patched the vulnerability ...
-
BleepingComputer
ASUS Armoury Crate bug lets attackers get Windows admin privileges
A high-severity vulnerability in ASUS Armoury Crate software could allow threat actors to escalate their privileges to SYSTEM level on Windows machines. The security issue is tracked as CVE-2025-3464 ...
-
0patch.com
Micropatches Released for WEBDAV Remote Code Execution Vulnerability (CVE-2025-33053)
June 2025 Windows updates brought a fix for CVE-2025-33053, a remote code execution vulnerability that was found to be exploited in the wild. The vulnerability allows a malicious URL file pointing to ...
-
TheCyberThrone
CVE-2025-26685 impacts Microsoft Defender with Identity Spoofing
A new security vulnerability, designated as CVE-2025-26685, has been identified in Microsoft Defender for Identity, an Active Directory security solution used to detect identity-based threats. This vu ...
-
Help Net Security
SinoTrack GPS vulnerabilities may allow attackers to track, control vehicles
Vulnerabilities affecting the SinoTrack GPS tracking platform may allow attackers to keep tabs on vehicles’ location and even perform actions such as disconnecting power to vehicles’ fuel pump (if the ...
-
The Cyber Express
Keyless Entry Vulnerability (CVE-2025-6029) Threatens KIA Vehicles in Ecuador, Researcher Reports
A security flaw has been identified in the keyless entry systems (KES) used extensively in KIA vehicles across Ecuador, exposing thousands of cars to a severe risk of theft. This vulnerability, offici ...
-
Cyber Security News
46,000+ Grafana Instances Exposed to Malicious Account Takeover Attacks
A critical vulnerability affecting over 46,000 publicly accessible Grafana instances worldwide, with 36% of all public-facing deployments vulnerable to complete account takeover attacks. The newly dis ...