CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher
EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling t ...
-
Dark Reading
ToddyCat APT Targets ESET Bug to Load Silent Malware
Source: DSlight_photography via ShutterstockThe Chinese-speaking ToddyCat advanced persistent threat (APT) group is targeting a security vulnerability in ESET's antivirus software to silently execute ...
-
BleepingComputer
Google fixes Android zero-days exploited in attacks, 60 other flaws
Google has released patches for 62 vulnerabilities in Android's April 2025 security update, including two zero-days exploited in targeted attacks. One of the zero-days, a high-severity privilege escal ...
-
BleepingComputer
Food giant WK Kellogg discloses data breach linked to Clop ransomware
US food giant WK Kellogg Co is warning employees and vendors that company data was stolen during the 2024 Cleo data theft attacks. Cleo software is a managed file transfer utility that was targeted by ...
-
Cyber Security News
20-Year-Old Scattered Spider Hacker Pleads Guilty Of Sophisticated Ransomware Attacks
A 20-year-old Florida man identified as a key member of the notorious “Scattered Spider” cybercriminal collective has pleaded guilty to orchestrating sophisticated ransomware attacks and cryptocurrenc ...
-
Cyber Security News
ToddyCat Hackers Exploit ESET’s Command Line Scanner Vulnerability to Evade Detection
ToddyCat, the notorious APT group, used a sophisticated attack strategy to stealthily deploy malicious code in targeted systems by exploiting a weakness in ESET’s command line scanner. The vulnerabili ...
-
Cyber Security News
50,000+ WordPress Sites Vulnerable to Privilege Escalation Attacks
In a recent discovery, over 50,000 WordPress sites using the popular “Uncanny Automator” plugin have been found vulnerable to privilege escalation attacks. This alarming flaw allows authenticated user ...
-
Cyber Security News
MediaTek Security Update – Patch for Vulnerabilities Affecting Smartphone, Tablet, & other Devices
MediaTek has released a critical security update addressing multiple vulnerabilities in its chipsets, with one critical flaw that could potentially allow attackers to execute malicious code remotely o ...
-
Cyber Security News
Python JSON Logger Vulnerability Allows Remote Code Execution – PoC Released
A critical vulnerability in the widely-used python-json-logger library has been identified, potentially allowing attackers to execute arbitrary code on affected systems. The flaw, tracked as CVE-2025- ...
-
Help Net Security
WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334)
WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute arbitrary co ...