CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
AyySSHush: New Stealthy Botnet Backdoors ASUS Routers, Persists Through Firmware Updates
A new wave of router-based cyberattacks has emerged in the form of a stealthy and persistent botnet campaign dubbed AyySSHush, targeting ASUS routers across the globe. First uncovered in March 2025 by ...
-
The Hacker News
New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Un ...
-
security.nl
Kritieke beveiligingslekken in forumsoftware vBulletin actief misbruikt
Aanvallers maken actief misbruik van twee kritieke kwetsbaarheden in de populaire forumsoftware vBulletin, zo melden het Amerikaanse National Institute of Standards and Technology (NIST), Qualys en KE ...
-
Daily CyberSecurity
CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition
A newly disclosed vulnerability in Perl’s threading mechanism, tracked as CVE-2025-40909, exposes systems to race conditions involving the working directory, potentially enabling local attackers to ma ...
-
Daily CyberSecurity
CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection
A serious security vulnerability has been discovered in Apache Superset, a widely used open-source data exploration and visualization platform. The flaw exposes sensitive datasets to unauthorized acce ...
-
TheCyberThrone
ConnectWise Cyberattack
In May 2025, ConnectWise, a major provider of IT automation and remote access tools, publicly confirmed a targeted cyberattack against its cloud-hosted ScreenConnect infrastructure. The attack has bee ...
-
Dark Reading
'Earth Lamia' Exploits Known SQL, RCE Bugs Across Asia
Source: Frank Hecker via Alamy Stock PhotoA China-nexus threat actor behind the recent exploitation of SAP's NetWeaver software is expanding its campaign, taking advantage of unpatched, Internet-expos ...
-
BleepingComputer
Hackers are exploiting critical flaw in vBulletin forum software
Two critical vulnerabilities affecting the open-source forum software vBulletin have been discovered, with one confirmed to be actively exploited in the wild. The flaws, tracked under CVE-2025-48827 a ...
-
The Register
ConnectWise customers get mysterious warning about 'sophisticated' nation-state hack
ConnectWise has brought in the big guns to investigate a "sophisticated nation state actor" that broke into its IT environment and then breached some of its customers. In a May 28 advisory, the IT man ...
-
cert.pl
Vulnerabilities in applications preloaded on Ulefone and Krüger&Matz smartphones
CVE ID CVE-2024-13915 Publication date 30 May 2025 Vendor Ulefone and Krüger&Matz Product com.pri.factorytest Vulnerable versions All through 1.0 Vulnerability type (CWE) Improper Export of Android Ap ...