CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Google Cloud
Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457)
Written by: John Wolfram, Michael Edie, Jacob Thompson, Matt Lin, Josh Murchie On Thursday, April 3, 2025, Ivanti disclosed a critical security vulnerability, CVE-2025-22457, impacting Ivanti Connect ...
-
Cyber Security News
SonicWall Firewall Vulnerability Exploited to Gain Unauthorized Network Access
Attackers are actively exploiting a critical authentication bypass vulnerability in SonicWall firewalls to gain unauthorized network access. The vulnerability tracked as CVE-2024-53704, with a critica ...
-
Cyber Security News
Operation HollowQuill Weaponizing PDF Documents to Infiltrate Academic & Government Networks
A sophisticated cyber espionage campaign dubbed “Operation HollowQuill” has been uncovered targeting academic institutions and government agencies worldwide through weaponized PDF documents. The opera ...
-
Help Net Security
Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)
CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, is being exploited by attackers in the wild, CISA has confirmed on Monday by adding the flaw to its Known Exploi ...
-
Cyber Security News
Hackers Actively Scanning for Juniper’s Smart Router With Default Password
Recent network monitoring data from SANS reveals a significant spike in targeted scans seeking to exploit default credentials in Juniper Networks’ Session Smart Router (SSR) platform. Security researc ...
-
Cyber Security News
Google’s Quick Share for Windows Vulnerability Let Attackers Remote Code
Critical vulnerabilities in Google’s Quick Share file transfer utility for Windows allowed attackers to achieve remote code execution (RCE) without user interaction. The flaws exposed millions of Wind ...
-
Cyber Security News
Multiple Jenkins Plugins Vulnerability Let Attackers Access Sensitive Information
The Jenkins project has disclosed multiple security vulnerabilities affecting its core platform and several plugins, exposing organizations to potential data breaches and code execution attacks. Eight ...
-
The Cyber Express
CISA’s Latest Advisories Expose High-Risk Vulnerabilities in Industrial Control Systems
The Cybersecurity and Infrastructure Security Agency (CISA) issued two crucial Industrial Control Systems (ICS) advisories, highlighting vulnerabilities that could have serious impacts on critical inf ...
-
Dark Reading
Google Quick Share Bug Bypasses Allow Zero-Click File Transfer
Source: Jolanta Dąbrowska via Alamy Stock PhotoBLACK HAT ASIA – Singapore Two crucial links in a patched remote code execution (RCE) exploit chain that allowed cyberattackers to send malware to a vict ...
-
security.nl
WinRAR-lek laat aanvaller waarschuwing Mark-of-the-Web omzeilen
Een kwetsbaarheid in WinRAR maakt het mogelijk voor aanvallers om de beveiligingswaarschuwing Mark-of-the-Web te omzeilen, wat kan leiden tot het uitvoeren van willekeurige code op het systeem van de ...