CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
SureTriggers Vulnerability Exposes 100,000+ WordPress Sites to Admin Takeover
A critical vulnerability in the popular WordPress automation plugin SureTriggers has exposed over 100,000 sites to the risk of unauthenticated administrative account creation, potentially allowing ful ...
-
Daily CyberSecurity
Dell Addresses Security Vulnerabilities in PowerScale OneFS
Dell has released a security advisory addressing multiple vulnerabilities in PowerScale OneFS, its scale-out network-attached storage operating system. The vulnerabilities could be exploited by malici ...
-
Daily CyberSecurity
NATS Server Vulnerability: Missing Access Controls in JetStream API
A security vulnerability has been discovered in NATS Server, a communications system for digital systems, services, and devices. The vulnerability, identified as CVE-2025-30215, involves missing acces ...
-
Daily CyberSecurity
Critical SSRF Vulnerability Patched in LNbits Lightning Wallet Server
LNbits, the modular and extendable Lightning Network wallet server, has patched a critical Server-Side Request Forgery (SSRF) vulnerability that exposed internal services to potential exploitation via ...
-
Daily CyberSecurity
High-Severity XXE Vulnerability Found in NAKIVO Backup & Replication
A high-severity security vulnerability has been identified in NAKIVO Backup & Replication, a popular data protection solution. The vulnerability, classified as an XML External Entity (XXE) issue and t ...
-
Trend Micro
Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks
Summary: Trend Research identified that NVIDIA’s September 2024 security update for a critical vulnerability (CVE-2024-0132) in the NVIDIA Container Toolkit was incomplete, leaving systems potentially ...
-
The Register
April's Patch Tuesday leaves unlucky Windows Hello users unable to login
Updated Those keen to get their Microsoft PCs patched up as soon as possible have been getting an unpleasant shock when they try to get in using Windows Hello. The patch bundle released yesterday is g ...
-
Dark Reading
CrushFTP Exploitation Continues Amid Disclosure Dispute
Source: lumerb via Alamy Stock PhotoExploitation activity continues against a critical vulnerability in CrushFTP file transfer software, which has been mired in an ongoing disclosure dispute.On April ...
-
BleepingComputer
Hackers target SSRF bugs in EC2-hosted sites to steal AWS credentials
A targeted campaign exploited Server-Side Request Forgery (SSRF) vulnerabilities in websites hosted on AWS EC2 instances to extract EC2 Metadata, which could include Identity and Access Management (IA ...
-
BleepingComputer
Critical FortiSwitch flaw lets hackers change admin passwords remotely
Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. The company says Daniel Rozeboom of the ...