CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Samsung Galaxy S24 Vulnerability Let Create Arbitrary Files on Affected Installations
A significant vulnerability in Samsung Galaxy S24 devices that allows network-adjacent attackers to create arbitrary files on affected installations. The flaw, identified as CVE-2024-49421, was public ...
-
The Cyber Express
Australian Businesses at Risk as Threat Actors Exploit Fortinet Vulnerabilities
Australian organizations using Fortinet products are being urged to take immediate action following a new advisory highlighting the active exploitation of previously known vulnerabilities. The Austral ...
-
The Hacker News
Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability
Vulnerability / Endpoint Security A recently disclosed security flaw in Gladinet CentreStack also impacts its Triofox remote access and collaboration solution, according to Huntress, with seven differ ...
-
InfoSec Write-ups
HTB — Busqueda
HTB — BusquedaPhoto by Duncan Meyer on UnsplashAbout the machineBusqueda is an Easy Difficulty Linux machine that involves exploiting a command injection vulnerability present in a Python module. By l ...
-
Daily CyberSecurity
CrushFTP Hit by SSRF and Directory Traversal Vulnerabilities (CVE-2025-32102 & CVE-2025-32103)
CrushFTP, a popular file transfer server, is facing increased scrutiny following the discovery of two significant security vulnerabilities. The vulnerabilities, identified as CVE-2025-32102 and CVE-20 ...
-
Daily CyberSecurity
Browser Wallet Flaws Allow Silent Crypto Drains Without User Interaction
Image: Coinspect A recent report by Coinspect has revealed critical vulnerabilities in popular browser wallets, raising significant concerns about the security of cryptocurrency holdings. The report w ...
-
Daily CyberSecurity
CVE-2025-24859 (CVSSv4 10): Apache Roller Flaw Exposes Blogs to Unauthorized Access
A security vulnerability has been identified in Apache Roller, a Java-based blog server, that could allow unauthorized access to affected blog sites. The vulnerability, tracked as CVE-2025-24859 (CVSS ...
-
Daily CyberSecurity
Vulnerabilities in Solar Power Systems Threaten Power Grids
Image: Forescout A new report by Forescout reveals critical vulnerabilities in solar power systems that could be exploited to destabilize power grids. The report, titled “SUN:DOWN,” analyzes the secur ...
-
Daily CyberSecurity
China-Nexus APT Exploits Ivanti Connect Secure VPN in Global Cyber Espionage Campaign
A recent report by TeamT5 has uncovered a widespread cyber espionage campaign targeting Ivanti Connect Secure VPN appliances. The report details how a China-nexus Advanced Persistent Threat (APT) grou ...
-
The Register
Don't delete that mystery empty folder. Windows put it there as a security fix
Canny Windows users who've spotted a mysterious folder on hard drives after applying last week's security patches for the operating system can rest assured – it's perfectly benign. In fact, it's recom ...