CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Hackers Weaponize MMC Script to Deploy MysterySnail RAT Malware
A sophisticated cyberespionage campaign leveraging malicious Microsoft Management Console (MMC) scripts to deploy the stealthy MysterySnail remote access trojan (RAT). First identified in 2021 during ...
-
Help Net Security
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)
CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institu ...
-
security.nl
SonicWall meldt misbruik van vier jaar oud lek in SMA100-gateways
SonicWall waarschuwt klanten voor misbruik van een vier jaar oude kwetsbaarheid in de SMA 100-gateways die het levert. Via het beveiligingslek kan een geauthenticeerde aanvaller willekeurige commando' ...
-
Cyber Security News
Critical Erlang/OTP SSH Vulnerability Allows Unauthenticated Remote Code Execution
A critical vulnerability in the Erlang/Open Telecom Platform (OTP) SSH implementation that allows attackers to execute arbitrary code without authentication. The flaw, tracked as CVE-2025-32433, has b ...
-
Cyber Security News
CISA Warns of Credential Risks Linked to Oracle Cloud Compromise
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority advisory following reports of unauthorized access to a legacy Oracle Cloud environment. While Oracle disputes cla ...
-
Daily CyberSecurity
RomethemeKit Elementor Plugin Flaw Enables RCE: CVE-2025-30911
A newly disclosed vulnerability in the popular RomethemeKit For Elementor WordPress plugin—installed on over 30,000 active sites—could allow authenticated users to gain remote code execution (RCE) cap ...
-
security.nl
Lek in Cisco Webex-app maakt client-side remote code execution mogelijk
Een kwetsbaarheid in de Cisco Webex-app maakt client-side remote code execution mogelijk. Daarvoor waarschuwt Cisco, dat een beveiligingsupdate heeft uitgebracht. Het beveiligingslek bevindt zich in h ...
-
The Hacker News
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
Vulnerability / Network Security A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary co ...
-
Cyber Security News
CISA Warns of SonicWall Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical SonicWall vulnerability that is actively being exploited by threat actors. On April 16, 2025 ...
-
BleepingComputer
CISA tags SonicWall VPN flaw as actively exploited in attacks
On Wednesday, CISA warned federal agencies to secure their SonicWall Secure Mobile Access (SMA) 100 series appliances against attacks exploiting a high-severity remote code execution vulnerability. Tr ...