CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Apple Warns of Three 0-Day Vulnerabilities Actively Exploited in Attacks
Apple has issued an urgent security advisory concerning three critical zero-day vulnerabilities CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 that have been actively exploited in sophisticated at ...
-
Cyber Security News
CrushFTP Vulnerability Exploited in Attacks Following PoC Release
Security researchers have confirmed active exploitation attempts targeting the critical authentication bypass vulnerability in CrushFTP (CVE-2025-2825) following the public release of proof-of-concept ...
-
Cyber Security News
CISA Warns of Cisco Smart Licensing Utility Credential Vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Cisco vulnerability to its Known Exploited Vulnerabilities (KEV) catalog following confirmation of active exploitation ...
-
Cyber Security News
Hackers Scanning From 24,000 IPs to Gain Access to Palo Alto Networks GlobalProtect Portals
Researchers have detected an alarming surge in malicious scanning activity targeting Palo Alto Networks’ GlobalProtect VPN portals. Over a 30-day period, nearly 24,000 unique IP addresses have attempt ...
-
InfoSec Write-ups
How I Accidentally Became the Sherlock Holmes of RCE! and made $$$
Free Link🎈Hi there!🙌Created by CopilotSome people wake up and choose coffee, others choose chaos. I apparently chose both. One fine morning, instead of scrolling endlessly through memes, I decided to ...
-
Daily CyberSecurity
CVE-2025-27095: Token Theft Flaw in JumpServer Exposes Kubernetes Clusters to Unauthorized Access
A new vulnerability in JumpServer (CVE-2025-27095) has been disclosed, exposing Kubernetes clusters to potential compromise through token leakage. The issue affects multiple versions of JumpServer, an ...
-
Daily CyberSecurity
Apple Backports Fixes for Three Actively Exploited Zero-Days Targeting Older Devices
Apple has released backported security patches for older versions of iOS, iPadOS, and macOS, addressing three zero-day vulnerabilities that have been exploited in targeted attacks. The flaws, original ...
-
Daily CyberSecurity
CISA Warns of Active Exploitation of Cisco Smart Licensing Utility Flaw
In a critical update to its Known Exploited Vulnerabilities (KEV) Catalog, the Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-20439 (CVSS 9.8), a high-severity static crede ...
-
The Register
CISA spots spawn of Spawn malware targeting Ivanti flaw
Owners of Ivanti’s Connect Secure, Policy Secure, and ZTA Gateway products have a new strain of malware to fend off, according to the US Cybersecurity and Infrastructure Security Agency, aka CISA. If ...
-
Daily CyberSecurity
Earth Alux APT Group: Unveiling Its Espionage Toolkit
VARGEIT and controller interaction | Image: Trend MicroResearchers at Trend Micro detail a highly sophisticated cyber-espionage group actively targeting the Asia-Pacific and Latin American regions. Kn ...