CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued e ...
-
Cyber Security News
Hackers Weaponize MMC Script to Deploy MysterySnail RAT Malware
A sophisticated cyberespionage campaign leveraging malicious Microsoft Management Console (MMC) scripts to deploy the stealthy MysterySnail remote access trojan (RAT). First identified in 2021 during ...
-
Help Net Security
Windows NTLM vulnerability exploited in multiple attack campaigns (CVE-2025-24054)
CVE-2025-24054, a Windows NTLM hash disclosure vulnerability that Microsoft has issued patches for last month, has been leveraged by threat actors in campaigns targeting government and private institu ...
-
security.nl
SonicWall meldt misbruik van vier jaar oud lek in SMA100-gateways
SonicWall waarschuwt klanten voor misbruik van een vier jaar oude kwetsbaarheid in de SMA 100-gateways die het levert. Via het beveiligingslek kan een geauthenticeerde aanvaller willekeurige commando' ...
-
Cyber Security News
Critical Erlang/OTP SSH Vulnerability Allows Unauthenticated Remote Code Execution
A critical vulnerability in the Erlang/Open Telecom Platform (OTP) SSH implementation that allows attackers to execute arbitrary code without authentication. The flaw, tracked as CVE-2025-32433, has b ...
-
Cyber Security News
CISA Warns of Credential Risks Linked to Oracle Cloud Compromise
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority advisory following reports of unauthorized access to a legacy Oracle Cloud environment. While Oracle disputes cla ...
-
Daily CyberSecurity
RomethemeKit Elementor Plugin Flaw Enables RCE: CVE-2025-30911
A newly disclosed vulnerability in the popular RomethemeKit For Elementor WordPress plugin—installed on over 30,000 active sites—could allow authenticated users to gain remote code execution (RCE) cap ...
-
security.nl
Lek in Cisco Webex-app maakt client-side remote code execution mogelijk
Een kwetsbaarheid in de Cisco Webex-app maakt client-side remote code execution mogelijk. Daarvoor waarschuwt Cisco, dat een beveiligingsupdate heeft uitgebracht. Het beveiligingslek bevindt zich in h ...
-
The Hacker News
Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
Vulnerability / Network Security A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary co ...
-
Cyber Security News
CISA Warns of SonicWall Command Injection Vulnerability Exploited in Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical SonicWall vulnerability that is actively being exploited by threat actors. On April 16, 2025 ...