CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild
A severe security vulnerability has been identified in Active! mail, a product of QUALITIA CO., LTD., posing a significant risk to affected systems. The Japan Computer Emergency Response Team (JPCERT) ...
-
Daily CyberSecurity
APT41/RedGolf Infrastructure Briefly Exposed: Fortinet Zero-Days Targeted Shiseido
In a rare window into the operations of an advanced persistent threat, a KeyPlug-linked infrastructure briefly went live, exposing tools and scripts tied to APT41/RedGolf operations. The server, activ ...
-
Daily CyberSecurity
Critical Meshtastic RCE Vulnerability (CVE-2025-24797) Requires Urgent Update
A critical security vulnerability has been disclosed in Meshtastic, the open-source LoRa mesh networking platform known for enabling long-range, low-power communication without cellular or internet co ...
-
cybereason.com
CVE-2025-32433: Unauthenticated RCE Vulnerability in Erlang/OTP’s SSH Implementation
Key Takeaways A critical vulnerability has been discovered in Erlang/OTP, tracked as CVE-2025-32433, and has a CVSS score of 10 (critical). This critical remote code execution (RCE) vulnerability aff ...
-
TheCyberThrone
CVE-2025-2492 impacts ASUS AiCloud Routers
CVE-2025-2492 is a critical authentication bypass vulnerability affecting ASUS routers with AiCloud enabled. This flaw allows remote attackers to execute unauthorized functions on vulnerable devices w ...
-
Help Net Security
Week in review: LLM package hallucinations harm supply chains, Nagios Log Server flaws fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) Apple has ...
-
TheCyberThrone
IronHusky APT deploys MysterySnail APT
IronHusky APT, a China-linked cyber espionage group, has resurfaced with an evolved version of its MysterySnail RAT, targeting government organizations in Russia and Mongolia. Leveraging malicious MMC ...
-
Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
Chinese APT IronHusky Deploys Updated MysterySnail RAT on Russia
Kaspersky researchers report the reappearance of MysterySnail RAT, a malware linked to Chinese IronHusky APT, targeting Mongolia and Russia after years of silence. Learn about its new tactics and modu ...
-
TheCyberThrone
Operation ForumTroll Detailed out
Operation ForumTroll is a sophisticated Advanced Persistent Threat (APT) campaign that exploits a zero-day vulnerability (CVE-2025-2783) in Google Chrome. This operation was uncovered in March 2025 an ...
-
TheCyberThrone
CVE-2025-32445 Privilege Escalation Flaw in Argo Events
CVE-2025-32445 is a critical privilege escalation vulnerability affecting Argo Events, an event-driven workflow automation framework designed for Kubernetes environments. The flaw enables users with p ...