CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-29906: Finit’s Bundled Getty Flaw Allows Authentication Bypass on Linux Systems
A serious security vulnerability has been discovered in Finit, a lightweight and fast init system for Linux, originally reverse-engineered from the EeePC fastinit by Claudio Matsuoka. Tracked as CVE-2 ...
-
Daily CyberSecurity
APT28 Cyber Espionage Campaign Targets French Institutions Since 2021
The French National Cybersecurity Agency (ANSSI) has released a detailed report exposing a sustained and strategic cyber-espionage campaign orchestrated by APT28, a group publicly attributed to the Ru ...
-
Daily CyberSecurity
CVE-2025-32444 (CVSS 10): Critical RCE Flaw in vLLM’s Mooncake Integration Exposes AI Infrastructure
A critical security vulnerability has been disclosed in vLLM, a popular open-source library used for high-performance inference and serving of large language models (LLMs). Tracked as CVE-2025-32444, ...
-
Daily CyberSecurity
Outlaw Botnet Exploits Weak SSH to Hijack Linux Systems for Crypto Mining
While high-profile ransomware and state-backed APT groups often dominate headlines, it’s crucial not to overlook quieter yet persistent threats. One such threat is Outlaw (also known as “Dota”), a Per ...
-
Red Canary
Critical vulnerability in SAP NetWeaver enables malicious file uploads
Adversaries can exploit CVE-2025-31324 to upload web shells and other unauthorized files to execute on the SAP NetWeaver server April 30, 2025Red Canary has observed activity exploiting a newly-docume ...
-
BleepingComputer
SonicWall: SMA100 VPN vulnerabilities now exploited in attacks
Cybersecurity company SonicWall has warned customers that several vulnerabilities impacting its Secure Mobile Access (SMA) appliances are now being actively exploited in attacks. On Tuesday, SonicWal ...
-
Cyber Security News
Commvault Confirms 0-Day Exploit Allowed Hackers Access to Its Azure Environment
Commvault, a leading provider of data protection solutions, has confirmed that a nation-state threat actor breached its Azure environment in February by exploiting a zero-day vulnerability. The compan ...
-
BleepingComputer
Commvault says recent breach didn't impact customer backup data
Commvault, a leading provider of data protection solutions, says a nation-state threat actor who breached its Azure environment didn't gain access to customer backup data. Listed on NASDAQ since March ...
-
TheCyberThrone
CISA Adds SAP NetWeaver Vulnerability to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting SAP NetWeaver to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing the urgency of ...
-
The Cyber Express
A Shift From Browsers to Enterprise Targets: 2024 Zero-Day Exploitation Analysis
Google’s Threat Intelligence Group (GTIG) released its annual analysis of zero-day exploitation, detailing how 2024 saw attackers increasingly target enterprise software and infrastructure over tradit ...