CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-32965: Backdoor in xrpl.js SDK Puts Crypto Wallets at Risk
Aikido Intel has issued an urgent alert after detecting a backdoor in multiple versions of xrpl.js, the official SDK for the XRP Ledger, marking one of the most severe supply chain attacks to hit the ...
-
Daily CyberSecurity
CVE-2025-34028: Critical RCE Flaw in Commvault Command Center Scores CVSS 10
Commvault has disclosed a critical vulnerability affecting its Command Center, identified as CVE-2025-34028, with the maximum CVSS score of 10.0. The flaw allows unauthenticated remote attackers to ex ...
-
Daily CyberSecurity
CVE-2024-6235: NetScaler Console Flaw Enables Admin Access, PoC Publishes
A critical vulnerability—CVE-2024-6235—in Citrix NetScaler Console has been dissected by security researcher chutton-r7, revealing a severe unauthenticated session hijack that enables attackers to cre ...
-
Daily CyberSecurity
NVIDIA NeMo Framework: High-Risk Vulnerabilities Allow Remote Code Execution
NVIDIA has issued a security bulletin disclosing three high-severity vulnerabilities in its NeMo Framework, a scalable, cloud-native generative AI platform designed for developers working with Large L ...
-
Daily CyberSecurity
Grafana Patches CVE-2025-3260 and More in Critical Security Update
Grafana Labs has issued security updates for multiple product versions, addressing one high and two medium-severity vulnerabilities affecting Grafana OSS and Enterprise editions. The most serious—CVE- ...
-
Daily CyberSecurity
FormBook Malware Spreads via Sophisticated Phishing Attack
Workflow diagram of this FormBook campaign | Image: FortiGuard Labs A new phishing campaign distributing the FormBook infostealer malware has been uncovered by Fortinet’s FortiGuard Labs, targeting Wi ...
-
The Register
Ripple NPM supply chain attack hunts for private keys
Many versions of the Ripple ledger (XRPL) official NPM package are compromised with malware injected to steal cryptocurrency. The NPM package, xrpl, is a JavaScript/TypeScript library that devs use to ...
-
CrowdStrike.com
Kubernetes IngressNightmare Vulnerabilities: What You Need to Know
We would like to recognize Amit Serper, Travis Lowe, Tony Gore, Adrian Godoy, Mihai Vasilescu, Suraj Sahu, Pablo Ramos, Raj Jammalamadaka, Lacie Griffin, and Josh Grunzweig for their contributions in ...
-
TheCyberThrone
CVE-2025-1731 and CVE-2025-1732 impacts Zyxel Firewalls
Zyxel has disclosed two critical vulnerabilities, CVE-2025-1731 and CVE-2025-1732, affecting its USG FLEX H series firewalls. These vulnerabilities could allow authenticated local attackers to escalat ...
-
BleepingComputer
ASUS releases fix for AMI bug that lets hackers brick servers
ASUS has released security updates to address CVE-2024-54085, a maximum severity flaw that could allow attackers to hijack and potentially brick servers. The flaw impacts American Megatrends Internati ...