CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
hackread.com
Severe React Native Flaw Exposes Developer Systems to Remote Attacks
Security researchers at JFrog, a company specialising in software supply chain protection, recently found a severe security problem in a key part of the React Native mobile app development framework. ... Read more
-
The Register
AMD red-faced over random-number bug that kills cryptographic security
AMD will issue a microcode patch for a high-severity vulnerability that could weaken cryptographic keys across Epyc and Ryzen CPUs. The flaw, tracked as CVE-2025-62626 (7.2), affects Zen 5 chips with ... Read more
-
Help Net Security
Critical Control Web Panel vulnerability is actively exploited (CVE-2025-48703)
On Tuesday, CISA added two vulnerabilities to its Known Exploited Vulnerabilities catalog: CVE-2025-11371, which affects Gladinet’s CentreStack and Triofox file-sharing and remote access platforms, an ... Read more
-
The Cyber Express
Balancer Hack Exposes $116 Million Smart Contract Vulnerability
Balancer V2, one of the most prominent automated market makers (AMMs), has suffered a large-scale security incident. The Balancer data breach exposed a critical Balancer vulnerability within its smart ... Read more
-
CybersecurityNews
CISA Warns of Control Web Panel OS Command Injection Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning regarding a dangerous OS command injection vulnerability affecting Control Web Panel (CWP), formerly known as ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more
-
hackread.com
Microsoft Teams Flaws Allowed Attackers to Fake Identities, Rewrite Chats
Microsoft Teams, the communication platform used by hundreds of millions worldwide, has been found to contain serious security vulnerabilities that could have let attackers impersonate executives, alt ... Read more
-
CrowdStrike.com
Falcon Defends Against Git Vulnerability CVE-2025-48384
CrowdStrike has identified active exploitation of Git vulnerability CVE-2025-48384. In the observed activity, threat actors combined sophisticated social engineering tactics with malicious Git reposit ... Read more
-
CrowdStrike.com
How Falcon Exposure Management’s ExPRT.AI Predicts What Attackers Will Exploit
Nearly 40,000 vulnerabilities were disclosed in 2024.1 Security teams are overwhelmed, especially those relying on outdated tools. ExPRT.AI, the native intelligence engine embedded in CrowdStrike Falc ... Read more
-
CrowdStrike.com
From Domain User to SYSTEM: Analyzing the NTLM LDAP Authentication Bypass Vulnerability (CVE-2025-54918)
In September 2025, a critical vulnerability (CVE-2025-54918) was discovered affecting domain controllers running LDAP or LDAPS services. This vulnerability allows attackers to elevate privileges from ... Read more