CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-48757: Lovable’s Row-Level Security Breakdown Exposes Sensitive Data Across Hundreds of Projects
Security researcher Matt Palmer has uncovered a critical vulnerability in the Lovable low-code platform, now tracked as CVE-2025-48757, that allows unauthenticated access and data modification due to ...
-
Daily CyberSecurity
Operation DRAGONCLONE: China Mobile Tietong Hit by Advanced APT Attack
Seqrite Labs APT-Team has uncovered a targeted campaign against China Mobile Tietong Co., Ltd., a prominent subsidiary of China Mobile, using a combination of DLL sideloading, anti-sandbox techniques, ...
-
Daily CyberSecurity
CVE-2025-41646: Critical Authentication Bypass in RevPi Webstatus Threatens Industrial Systems
KUNBUS has issued a critical security advisory for its RevPi Webstatus application following the discovery of an authentication bypass vulnerability identified as CVE-2025-41646. With a CVSS base scor ...
-
Daily CyberSecurity
BladedFeline: Iran-Aligned APT Group Expands Arsenal With Whisper and PrimeCache
In a detailed expose released by ESET, researchers unveiled a sophisticated and persistent cyberespionage campaign by an Iran-aligned APT group dubbed BladedFeline, a suspected subgroup of the notorio ...
-
BleepingComputer
Over 84,000 Roundcube instances vulnerable to actively exploited flaw
Over 84,000 Roundcube webmail installations are vulnerable to CVE-2025-49113, a critical remote code execution (RCE) flaw with a public exploit. The flaw, which impacts Roundcube versions 1.1.0 throug ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Chinese-Linked Hackers Targeted 70+ Global Organizations, SentinelLABS
SentinelLABS uncovers widespread China-linked cyber espionage targeting over 70 global organizations and cybersecurity firms between July 2024 and March 2025. Learn about the “PurpleHaze (aka Vixen Pa ...
-
Cyber Security News
Critical Wazuh Server RCE Vulnerability Exploited to Deploy Mirai Variants
Security researchers at Akamai have discovered active exploitation of a critical remote code execution vulnerability in Wazuh servers, marking the first reported in-the-wild attacks against the open-s ...
-
The Hacker News
Over 70 Organizations Across Multiple Sectors Targeted by China-Linked Cyber Espionage Group
Government Security / Cyber Espionage The reconnaissance activity targeting American cybersecurity company SentinelOne was part of a broader set of partially-related intrusions into several targets be ...
-
Daily CyberSecurity
Critical Wazuh RCE (CVE-2025-24016) Actively Exploited by Mirai Botnets
Akamai’s Security Intelligence and Response Team (SIRT) has uncovered active exploitation of CVE-2025-24016, a critical remote code execution (RCE) vulnerability in Wazuh servers, by multiple Mirai-ba ...
-
The Hacker News
Two Distinct Botnets Exploit Wazuh Server Vulnerability to Launch Mirai-Based Attacks
A now-patched critical security flaw in the Wazur Server is being exploited by threat actors to drop two different Mirai botnet variants and use them to conduct distributed denial-of-service (DDoS) at ...