CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Register
Ransomware scum disrupted utility services with SimpleHelp attacks
Ransomware criminals infected a utility billing software providers' customers, and in some cases disrupted services, after exploiting unpatched versions of SimpleHelp’s remote monitoring and managemen ...
-
Dark Reading
Researchers Detail Zero-Click Copilot Exploit 'EchoLeak'
Source: Adrian Vidal via Alamy Stock PhotoA critical vulnerability could have enabled attackers to unleash prompt injection attacks against Copilot users, though Microsoft ultimately addressed the iss ...
-
BleepingComputer
Trend Micro fixes critical vulnerabilities in multiple products
Trend Micro has released security updates to address multiple critical-severity remote code execution and authentication bypass vulnerabilities that impact its Apex Central and Endpoint Encryption (TM ...
-
BleepingComputer
Graphite spyware used in Apple iOS zero-click attacks on journalists
Forensic investigation has confirmed the use of Paragon's Graphite spyware platform in zero-click attacks that targeted Apple iOS devices of at least two journalists in Europe. Researchers at Citizen ...
-
security.nl
IPhones Europese journalisten via iOS zero click-lek besmet met spyware
De iPhones van in ieder geval twee Europese journalisten zijn via een zero-click kwetsbaarheid in iOS besmet geraakt met de Graphite-spyware van Paragon Solutions. Het bestaan van het beveiligingslek, ...
-
Cyber Security News
OpenPGP.js Vulnerability Let Attackers Spoof Message Signature Verification
A critical vulnerability in the widely-used OpenPGP.js library has been discovered that allows attackers to forge digital signatures and deceive users into believing malicious content was legitimately ...
-
Cyber Security News
Palo Alto Networks PAN-OS Vulnerability Enables Admin to Execute Root User Actions
A critical command injection vulnerability in Palo Alto Networks PAN-OS operating system enables authenticated administrative users to escalate privileges and execute commands as the root user. Design ...
-
Cyber Security News
Multiple GitLab Vulnerabilities Allow Attackers to Achieve Complete Account Takeover
A series of critical security vulnerabilities across GitLab Community Edition (CE) and Enterprise Edition (EE) platforms that could enable attackers to achieve complete account takeover and compromise ...
-
Daily CyberSecurity
CVE-2025-41234: Spring Framework Vulnerability Enables Reflected File Download Attacks
The Spring project has released a security advisory disclosing a vulnerability in the popular Spring Framework, which could allow attackers to launch Reflected File Download (RFD) attacks under certai ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
EchoLeak Zero-Click AI Attack in Microsoft Copilot Exposes Company Data
Cybersecurity firm Aim Labs has uncovered a serious new security problem, named EchoLeak, affecting Microsoft 365 (M365) Copilot, a popular AI assistant. This flaw is a zero-click vulnerability, meani ...