CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
seclists.org
[KIS-2025-01] UNA CMS <= 14.0.0-RC4 (BxBaseMenuSetAclLevel.php) PHP Object Injection Vulnerability
Full Disclosure mailing list archives From: Egidio Romano <n0b0d13s () gmail com> Date: Mon, 7 Apr 2025 17:29:13 +0200 --------------------------------------------------------------------------------- ...
-
seclists.org
OXAS-ADV-2025-0001: OX App Suite Security Advisory
Full Disclosure mailing list archives OXAS-ADV-2025-0001: OX App Suite Security Advisory From: Martin Heiland via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 7 Apr 2025 09:11:36 +0200 ( ...
-
Cyber Security News
Cybersecurity Weekly Recap: Key Updates on Attacks, Vulnerabilities, & Data Breaches
Welcome to this week’s Cybersecurity Newsletter, providing you with the latest updates and essential insights from the rapidly evolving field of cybersecurity. This edition highlights emerging threats ...
-
TheCyberThrone
CVE-2025-32896 impacts Apache SeaTunnel
CVE-2025-32896 is a critical vulnerability discovered in Apache SeaTunnel, a widely used distributed data integration platform. This flaw allows unauthenticated attackers to exploit insecure REST API ...
-
Help Net Security
Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) April 2025 Patch Tuesday is ...
-
Daily CyberSecurity
CVE-2025-32896: Apache SeaTunnel Flaw Enables Unauthenticated File Read & RCE
A newly disclosed vulnerability, CVE-2025-32896, in Apache SeaTunnel—a widely used distributed data integration platform—could allow unauthenticated attackers to read arbitrary files and execute deser ...
-
Daily CyberSecurity
SVG Phishing Surge: How Image Files Are Being Weaponized to Steal Credentials
SVG-Based Phishing Attack Flow | Image: Trustwave SpiderLabs In a world where images are meant to inform or entertain, a new breed of phishing attack is using them to deceive and steal. A recent repor ...
-
Daily CyberSecurity
CVE-2024-0132: Incomplete NVIDIA Toolkit Patch Enables Container Escape and DoS Attacks
A recent report by Trend Research has uncovered that NVIDIA’s September 2024 security update for a critical vulnerability (CVE-2024-0132) in the NVIDIA Container Toolkit was incomplete, posing a signi ...
-
Cyber Security News
100,000 WordPress Sites Vulnerable to Rogue Creation Vulnerability
A critical vulnerability affecting over 100,000 WordPress websites has been discovered in the SureTriggers WordPress plugin, potentially allowing attackers to create unauthorized administrator account ...
-
Cyber Security News
Seven Years Old Cisco Vulnerability Exposes Cisco Devices to Remote Code Execution Attacks
A seven-year-old vulnerability in Cisco networking equipment continues to pose significant security risks, enabling attackers to execute remote code on unpatched systems. Discovered initially in 2018, ...