CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Hackers Actively Exploiting Fortigate Vulnerabilities to Deploy Qilin Ransomware
A new wave of cyberattacks has emerged targeting critical infrastructure through the exploitation of Fortigate security appliance vulnerabilities, with threat actors successfully deploying the notorio ...
-
Help Net Security
Roundcube RCE: Dark web activity signals imminent attacks (CVE-2025-49113)
With an exploit for a critical Roundcube vulnerability (CVE-2025-49113) being offered for sale on underground forums and a PoC exploit having been made public, attacks exploiting the flaw are incoming ...
-
Cyber Security News
Multiple QNAP Vulnerabilities Let Remote Attacker Gains Access to a User Account
Two significant QNAP security vulnerabilities affecting Qsync Central 4.5.x that could allow remote attackers to exploit user accounts and gain unauthorized access to sensitive data. The vulnerabiliti ...
-
Dark Reading
China-Backed Hackers Target SentinelOne in 'PurpleHaze' Attack Spree
Source: Shane Stickley via Alamy Stock PhotoThreat actors from China targeted a security vendor as part of a spree of attacks against various organizations that occurred in an eight-month period start ...
-
Cyber Security News
Jenkins Gatling Plugin Vulnerability Let Attackers Bypass Content-Security-Policy Protection
A critical cross-site scripting (XSS) vulnerability in the popular Jenkins Gatling Plugin allows attackers to bypass Content-Security-Policy (CSP) protections. The vulnerability, tracked as CVE-2025-5 ...
-
The Hacker News
⚡ Weekly Recap: Chrome 0-Day, Data Wipers, Misused Tools and Zero-Click iPhone Attacks
Cybersecurity / Hacking News Behind every security alert is a bigger story. Sometimes it's a system being tested. Sometimes it's trust being lost in quiet ways—through delays, odd behavior, or subtle ...
-
Daily CyberSecurity
Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!
A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows unauthenticated attackers to take over any user account, including admins. Tracke ...
-
security.nl
Digitale videorecorders TBK aangevallen door Mirai-botnet
Digitale videorecorders van fabrikant TBK zijn het doelwit van een variant van de Mirai-malware, die besmette apparaten onderdeel maakt van een botnet. Dat laat antivirusbedrijf Kaspersky in een analy ...
-
The Register
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks sho ...
-
Cyber Security News
PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution
A new proof-of-concept (PoC) exploit for a critical zero-day vulnerability affecting multiple Fortinet products raises urgent concerns about the security of enterprise network infrastructure. The vuln ...