CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
End of an Era: Apple Has Reportedly Cancelled the Mac Pro Lineup
According to a report by Bloomberg journalist Mark Gurman, Apple appears to have abandoned the Mac Pro. The company’s most powerful workstation—last refreshed in 2023 with the M2 Ultra chip—now seems ... Read more
-
Daily CyberSecurity
Critical pgAdmin Flaws (CVE-2025-12762, CVSS 9.1) Allow Remote Code Execution via PostgreSQL Dump Files
The pgAdmin development team has issued patches addressing four newly disclosed security vulnerabilities impacting pgAdmin versions up to 9.9, including a critical Remote Code Execution (RCE) flaw tha ... Read more
-
Daily CyberSecurity
High-Severity Memos Flaw (CVE-2024-21635) Allows Hackers to Stay Logged In After Password Change
The team behind Memos, the privacy-first, self-hosted knowledge base platform, has issued a security advisory for CVE-2024-21635, a session-management flaw that could allow attackers to maintain acces ... Read more
-
Daily CyberSecurity
Critical IBM AIX RCE (CVE-2025-36250, CVSS 10.0) Flaw Exposes NIM Private Keys and Risks Directory Traversal
IBM has released a new security bulletin addressing multiple high-severity vulnerabilities affecting AIX 7.2, AIX 7.3, and VIOS 3.1/4.1, including flaws that could allow remote attackers to execute ar ... Read more
-
Daily CyberSecurity
Record Supply Chain Attack: 150,000+ Malicious npm Packages Flooded Registry for Token Farming Rewards
In one of the largest open-source supply chain incidents ever recorded, Amazon Inspector security researchers have uncovered over 150,000 malicious npm packages linked to a coordinated tea.xyz token f ... Read more
-
Daily CyberSecurity
CISA Warns: Critical Lynx+ Gateway Flaw (CVSS 10.0) Allows Unauthenticated Remote Reset; Vendor Non-Responsive
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a new advisory detailing multiple high-severity vulnerabilities affecting the Lynx+ Gateway manufactured by General Industri ... Read more
-
Daily CyberSecurity
Phishing-as-a-Service Uncovered: Automated Kit Impersonates Aruba S.p.A. to Steal Credentials and Credit Cards
A new report from Group-IB exposes a highly automated phishing framework engineered to impersonate Italian IT and web-services giant Aruba S.p.A., a company serving more than 5.4 million customers and ... Read more
-
CrowdStrike.com
CrowdStrike Named Overall Leader in 2025 KuppingerCole ITDR Leadership Compass
KuppingerCole recognizes CrowdStrike as the Overall Leader, achieving the top position in every evaluated category in its 2025 identity security report. CrowdStrike has been named the Overall Leader i ... Read more
-
CrowdStrike.com
November 2025 Patch Tuesday: One Zero-Day and Five Critical Vulnerabilities Among 63 CVEs
Microsoft has addressed 63 vulnerabilities in its November 2025 security update release, almost one third from October's record-breaking 172 patches. This month's updates address one actively exploite ... Read more
-
krebsonsecurity.com
Microsoft Patch Tuesday, November 2025 Edition
Microsoft this week pushed security updates to fix more than 60 vulnerabilities in its Windows operating systems and supported software, including at least one zero-day bug that is already being explo ... Read more