CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Windows 11 Privilege Escalation Flaws Uncovered: CVE-2025-24076 and CVE-2025-24994
Image: John Ostrowski In a revealing security analysis, Compass Security researcher John Ostrowski has disclosed two privilege escalation vulnerabilities in Microsoft Windows—CVE-2025-24076 and CVE-20 ...
-
Daily CyberSecurity
PasivRobber: In-Depth Analysis of Sophisticated macOS Malware
A recent discovery by Kandji’s research team has brought to light a sophisticated threat targeting macOS systems: a suite of applications dubbed “PasivRobber.” The initial discovery on VirusTotal of a ...
-
Daily CyberSecurity
Critical RCE Vulnerability Affects HylaFAX and AvantFAX
A recent security advisory from iFAX Solutions has revealed a critical vulnerability affecting the HylaFAX Enterprise Web Interface and AvantFAX. The vulnerability, identified as CVE-2025-1782, stems ...
-
Daily CyberSecurity
BPFDoor Backdoor Used in Asia, Middle East Cyberespionage
A recent report by Trend Micro has uncovered a stealthy, state-sponsored backdoor called BPFDoor, which has been linked to cyberespionage activities across Asia and the Middle East. The investigation, ...
-
The Register
Uncle Sam abruptly turns off funding for CVE program. Yes, that CVE program
US government funding for the world's CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws – ends Wednesday. The 25-year-old CVE program plays a huge r ...
-
Dark Reading
Max Severity Bug in Apache Roller Enabled Persistent Access
Source: Piotr Swat va ShutterstockThe maintainers of the Apache Roller open source blogging platform patched a maximum severity bug that allowed continued access to the app even after a user changed t ...
-
Daily CyberSecurity
Apple Enhances AI with Differential Privacy and Synthetic Data
Apple recently released a research report detailing how it plans to leverage differential privacy data to enhance the underlying model architecture powering its “Apple Intelligence” service. Amid gene ...
-
Cyber Security News
Microsoft Asks Windows 11 Users Not to Delete Mysterious “inetpub” Folder
A seemingly empty folder appearing on Windows systems after recent security updates has raised concerns among users, but Microsoft confirms it’s an intentional security measure that should remain unto ...
-
Help Net Security
Hertz data breach: Customers in US, EU, UK, Australia and Canada affected
American car rental company Hertz has suffered a data breach linked to last year’s exploitation of Cleo zero-day vulnerabilities by a ransomware gang. The breach resulted in information of an unknown ...
-
The Hacker News
Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool
The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Lin ...