CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Leaked KeyPlug Malware Infrastructure Contains Exploit Scripts to Hack Fortinet Firewall and VPN
A server briefly linked to the notorious KeyPlug malware has inadvertently exposed a comprehensive arsenal of exploitation tools specifically designed to target Fortinet firewall and VPN appliances. T ...
-
BleepingComputer
ASUS warns of critical auth bypass flaw in routers using AiCloud
ASUS is warning about an authentication bypass vulnerability in routers with AiCloud enabled that could allow remote attackers to perform unauthorized execution of functions on the device. The vulnera ...
-
BleepingComputer
SonicWall SMA VPN devices targeted in attacks since January
A remote code execution vulnerability affecting SonicWall Secure Mobile Access (SMA) appliances has been under active exploitation since at least January 2025, according to cybersecurity company Arcti ...
-
BleepingComputer
Chinese hackers target Russian govt with upgraded RAT malware
Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. Security researchers at Kaspersky's Glob ...
-
TheCyberThrone
CISA adds Microsoft and Apple vulnerabilities to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has added three newly exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, signaling active exploitation in the w ...
-
Dark Reading
Apple Zero-Days Under 'Sophisticated Attack,' but Details Lacking
dpa picture alliance / AlamyTwo Apple zero-day vulnerabilities were exploited in "extremely sophisticated attacks," according to the technology giant, but it has provided little detail on the threats. ...
-
Cyber Security News
Linux Kernel Vulnerability Let Attackers Escalate Privilege – PoC Released
A newly discovered vulnerability, CVE-2024-53141, in the Linux kernel’s IP sets framework has exposed a critical security flaw that allows local attackers to escalate privileges and potentially gain r ...
-
BleepingComputer
Cisco Webex bug lets hackers gain code execution via meeting links
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links. Tracke ...
-
The Hacker News
Multi-Stage Malware Attack Uses .JSE and PowerShell to Deploy Agent Tesla and XLoader
A new multi-stage attack has been observed delivering malware families like Agent Tesla variants, Remcos RAT, and XLoader. "Attackers increasingly rely on such complex delivery mechanisms to evade det ...
-
Help Net Security
Sonicwall SMA100 vulnerability exploited by attackers (CVE-2021-20035)
CVE-2021-20035, an old vulnerability affecting Sonicwall Secure Mobile Access (SMA) 100 series appliances, is being exploited by attackers. Sonicwall confirmed it by updating the original security adv ...