CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
PumaBot: New Stealthy Linux Botnet Evades Detection, Targets IoT Devices
Cybersecurity researchers at Darktrace have exposed a stealthy and persistent Linux-based botnet dubbed PumaBot, which leverages Go binaries, SSH brute-force attacks, and custom backdoors to target In ...
-
Daily CyberSecurity
Hitachi Energy’s Asset Suite Hit by Multiple Critical Vulnerabilities
Hitachi Energy has issued a cybersecurity advisory warning of multiple vulnerabilities impacting its Asset Suite product—a widely used Enterprise Asset Management (EAM) solution in the power generatio ...
-
BleepingComputer
Exploit details for max severity Cisco IOS XE flaw now public
Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit. The write-u ...
-
InfoSec Write-ups
My Journey to NASA’s Hall of Fame
My Journey to NASA’s Hall of FameHi, I’m Dharineesh, AKA Hack-Bat, and this is the story of how I ended up being listed in the NASA Hall of Fame. It wasn’t a smooth ride. The path was filled with long ...
-
Daily CyberSecurity
AyySSHush: New Stealthy Botnet Backdoors ASUS Routers, Persists Through Firmware Updates
A new wave of router-based cyberattacks has emerged in the form of a stealthy and persistent botnet campaign dubbed AyySSHush, targeting ASUS routers across the globe. First uncovered in March 2025 by ...
-
The Hacker News
New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora
Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Un ...
-
security.nl
Kritieke beveiligingslekken in forumsoftware vBulletin actief misbruikt
Aanvallers maken actief misbruik van twee kritieke kwetsbaarheden in de populaire forumsoftware vBulletin, zo melden het Amerikaanse National Institute of Standards and Technology (NIST), Qualys en KE ...
-
Daily CyberSecurity
CVE-2025-40909: Perl Threads Vulnerability Exposes File Operation Race Condition
A newly disclosed vulnerability in Perl’s threading mechanism, tracked as CVE-2025-40909, exposes systems to race conditions involving the working directory, potentially enabling local attackers to ma ...
-
Daily CyberSecurity
CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection
A serious security vulnerability has been discovered in Apache Superset, a widely used open-source data exploration and visualization platform. The flaw exposes sensitive datasets to unauthorized acce ...
-
TheCyberThrone
ConnectWise Cyberattack
In May 2025, ConnectWise, a major provider of IT automation and remote access tools, publicly confirmed a targeted cyberattack against its cloud-hosted ScreenConnect infrastructure. The attack has bee ...