CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
CVE-2025-30065 (CVSS 10): Critical Vulnerability Discovered in Apache Parquet Java
Apache Parquet, a widely used open-source, column-oriented data file format, has been found to contain a critical security vulnerability. This vulnerability poses a significant risk to systems utilizi ...
-
Daily CyberSecurity
Critical Vulnerabilities Threaten IBM App Connect Enterprise
IBM has issued a critical security bulletin warning that multiple versions of its App Connect Enterprise (ACE) software are vulnerable to remote code execution (RCE) due to unsafe defaults in third-pa ...
-
Cyber Security News
VMware Aria Operations Vulnerability Exposes Systems to Privilege Escalation Attacks
VMware has issued a critical security advisory (VMSA-2025-0006) addressing a high-severity local privilege escalation vulnerability (CVE-2025-22231) in its Aria Operations platform. The flaw, rated 7. ...
-
Help Net Security
Attackers are targeting CrushFTP vulnerability with public PoC (CVE-2025-2825)
Exploitation attempts targeting the CVE-2025-2825 vulnerability on internet-facing CrushFTP instances are happening, the Shadowserver Foundation has shared on Monday, and the attackers have been lever ...
-
Cyber Security News
Kentico Xperience CMS XSS Vulnerability Let Attackers Execute Remote Code
A critical security flaw in Kentico Xperience CMS, a widely used enterprise content management system (CMS), has been uncovered. By exploiting a Cross-Site Scripting (XSS) vulnerability, attackers can ...
-
TheCyberThrone
CVE-2024-20439 added to CISA KEV Catalog
CVE-2024-20439 is a critical vulnerability affecting Cisco Smart Licensing Utility (CSLU), classified with a CVSS score of 9.8 (Critical). It represents a major security risk, as it allows unauthorize ...
-
Cyber Security News
Rockwell Automation Vulnerability Let Attackers Gain Access to Run Arbitrary Commands
A high-severity security vulnerability (CVE-2025-1449) affecting its Verve Asset Manager product could allow attackers with administrative access to execute arbitrary commands. The vulnerability, disc ...
-
Daily CyberSecurity
VMware Addresses Local Privilege Escalation Vulnerability (CVE-2025-22231)
VMware has recently released patches to address a local privilege escalation vulnerability (CVE-2025-22231) affecting several of its products, including VMware Aria Operations, VMware Cloud Foundation ...
-
BleepingComputer
Apple backports zero-day patches to older iPhones and Macs
Apple has released security updates that backport fixes for actively exploited vulnerabilities that were exploited as zero-days to older versions of its operating systems. At the same time, the consum ...
-
BleepingComputer
Critical auth bypass bug in CrushFTP now exploited in attacks
Attackers are now targeting a critical authentication bypass vulnerability in the CrushFTP file transfer software using exploits based on publicly available proof-of-concept code. The security vulnera ...