CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical 9.8 CVSS Flaw: Unpatched PayU CommercePro Plugin Allows Admin Account Takeover!
A severe vulnerability in the PayU CommercePro plugin for WordPress, which has over 5,000 active installations, allows unauthenticated attackers to take over any user account, including admins. Tracke ...
-
security.nl
Digitale videorecorders TBK aangevallen door Mirai-botnet
Digitale videorecorders van fabrikant TBK zijn het doelwit van een variant van de Mirai-malware, die besmette apparaten onderdeel maakt van een botnet. Dat laat antivirusbedrijf Kaspersky in een analy ...
-
The Register
Chinese spy crew appears to be preparing for conflict by backdooring 75+ critical orgs
An IT services company, a European media group, and a South Asian government entity are among the more than 75 companies where China-linked groups have planted malware to access strategic networks sho ...
-
Cyber Security News
PoC Exploit Released for Fortinet 0-Day Vulnerability that Allows Remote Code Execution
A new proof-of-concept (PoC) exploit for a critical zero-day vulnerability affecting multiple Fortinet products raises urgent concerns about the security of enterprise network infrastructure. The vuln ...
-
Daily CyberSecurity
Critical CVSS 10.0 Flaws in B. Braun OnlineSuite Threaten Healthcare Infrastructure
B. Braun Melsungen AG has issued a high-priority security advisory warning of three severe vulnerabilities affecting its OnlineSuite AP 3.0 and earlier, including one rated a maximum CVSS score of 10. ...
-
Daily CyberSecurity
UNC1151 Exploits Roundcube Flaw in Spear Phishing Attack
CERT Polska has sounded the alarm after uncovering a spear phishing campaign that targeted Polish organizations using a critical webmail vulnerability. The campaign is linked to the UNC1151 APT group, ...
-
Daily CyberSecurity
Go Fixes Three Security Flaws: Update Your Apps Now!
The Go team has rolled out versions 1.24.4 and 1.23.10, addressing three critical security vulnerabilities affecting core packages such as net/http, os, and crypto/x509. While these are minor point re ...
-
Daily CyberSecurity
FormBook Returns: Exploiting CVE-2017-0199 via Malicious Excel Attachments in New Phishing Campaign
Image: FortiGuard Labs FortiGuard Labs has uncovered a renewed phishing campaign that leverages the eight-year-old CVE-2017-0199 vulnerability to deploy FormBook, a notorious infostealer malware. The ...
-
Daily CyberSecurity
EnigmaCyberSecurity: Brazil-Focused Banking Malware Campaign Uses RATs and Malicious Extensions
Attack chain using a browser extension | Image: Positive Technologies Positive Technologies has uncovered an ongoing, multi-stage cybercrime campaign—dubbed “EnigmaCyberSecurity”—primarily targeting B ...
-
Daily CyberSecurity
CVE-2025-4318 (CVSS 9.5): AWS Amplify RCE Flaw Exposed with PoC – CI/CD Pipelines at Risk
Image: SecureLayer7 A critical vulnerability in AWS Amplify’s UI generation tool, @aws-amplify/codegen-ui, is putting developers—and their build pipelines—at serious risk. Tracked as CVE-2025-4318, th ...