CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Ivanti Workspace Control hardcoded key flaws expose SQL credentials
Ivanti has released security updates to fix three high-severity hardcoded key vulnerabilities in the company's Workspace Control (IWC) solution. IWC helps enterprise admins manage desktops and applica ...
-
security.nl
SAP waarschuwt voor nieuwe kritieke NetWeaver-kwetsbaarheid
SAP waarschuwt opnieuw voor een kritieke kwetsbaarheid in NetWeaver en heeft updates uitgebracht om het probleem te verhelpen. De software blijkt noodzakelijke autorisatiecontroles voor geauthenticeer ...
-
Cyber Security News
Ivanti Workspace Control Vulnerabilities Let Attackers Decrypt Stored SQL Credentials
Ivanti has issued urgent security updates for its Workspace Control platform after discovering three high-severity vulnerabilities that could allow attackers to decrypt stored SQL credentials. The com ...
-
Cyber Security News
Fortinet OS Command Injection Vulnerability Lets Attackers Execute Unauthorised Code on FortiAnalyzer-Cloud
Fortinet, a leading provider of cybersecurity solutions, has recently addressed a significant security vulnerability, CVE-2023-42788, classified as an OS command injection issue under CWE-78. This vul ...
-
Cyber Security News
Critical SAP NetWeaver Vulnerability Let Attackers Bypass Authorization Checks
A critical security vulnerability has been discovered in SAP NetWeaver Application Server for ABAP that allows authenticated attackers to bypass standard authorization checks and escalate their privil ...
-
Cyber Security News
Critical Vulnerability in Lovable’s Security Policies Let Attackers Inject Malicious Code
A severe security vulnerability, designated as CVE-2025-48757, has been discovered in Lovable’s implementation of Row Level Security (RLS) policies, allowing attackers to bypass authentication control ...
-
security.nl
Meerdere botnets misbruiken kritiek lek in beveiligingsplatform Wazuh
Verschillende botnets maken actief misbruik van een kritieke kwetsbaarheid in Wazuh, een opensource-beveiligingsplatform voor het voorkomen en detecteren van dreigingen en incidentrespons. Dat laat in ...
-
Help Net Security
Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)
Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. What is Wazuh? Wazuh is a p ...
-
Cyber Security News
CISA Warns of Erlang/OTP SSH Server RCE Vulnerability Exploited in Attacks
CISA has issued an urgent warning regarding a critical vulnerability in Erlang/OTP SSH servers that is being actively exploited in the wild. The vulnerability, tracked as CVE-2025-32433, enables attac ...
-
Cyber Security News
ManageEngine Exchange Reporter Plus Vulnerability Allows Remote Code Execution
A severe security vulnerability has been identified in ManageEngine Exchange Reporter Plus that could allow attackers to execute arbitrary commands on target servers. Designated as CVE-2025-3835, this ...