CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Critical PHP Vulnerability Let Hackers Bypass the Validation To Load Malicious Content
A critical vulnerability in PHP’s libxml streams has been identified, potentially impacting web applications that rely on the DOM or SimpleXML extensions for HTTP requests. The flaw, tracked as CVE-20 ...
-
Daily CyberSecurity
Canon Fixes Critical Printer Driver Flaw: CVE-2025-1268 Alert
Canon has issued a security notice regarding a critical vulnerability found in certain printer drivers for its production printers, office/small office multifunction printers, and laser printers. The ...
-
Daily CyberSecurity
CrushFTP Hacked: Exploit CVE-2025-2825 with PoC and Nuclei Template
ProjectDiscovery has published a technical breakdown of CVE-2025-2825, a critical authentication bypass flaw in CrushFTP—a widely used enterprise-grade file transfer server. The vulnerability, affecti ...
-
Daily CyberSecurity
CVE-2025-22398: Dell Unity Hit by 9.8 CVSS Root-Level Command Injection Flaw
Dell has released a security update for Unity OS version 5.4 and earlier, addressing a set of critical vulnerabilities that expose the popular enterprise storage systems—Unity, UnityVSA, and Unity XT— ...
-
Daily CyberSecurity
Mitel Addresses High Severity XSS Vulnerability in MiContact Center Business
Mitel has issued a security advisory regarding a reflected cross-site scripting (XSS) vulnerability, tracked as CVE-2025-23092 (CVSS 7.1), in the Legacy Chat component of its MiContact Center Business ...
-
Daily CyberSecurity
Ubuntu Security Alert: Three Ways to Bypass User Namespace Restrictions
Qualys Threat Research Unit (TRU) has recently disclosed three security bypasses in Ubuntu’s unprivileged user namespace restrictions. These bypasses could allow local attackers to gain administrative ...
-
Daily CyberSecurity
Python-Powered Triton RAT Exfiltrates Data via Telegram and Evades Analysis
Cado Security Labs has identified a Python-based Remote Access Tool (RAT) named Triton RAT. This open-source RAT is available on GitHub and enables users to remotely access and control a system using ...
-
The Register
Oracle Health reportedly warns of info leak from legacy server
Infosec in brief Oracle Health appears to have fallen victim to an info stealing attack that has led to patient data stored by American hospitals being plundered. Oracle Health was formed when Big Red ...
-
Cyber Security News
Apache Tomcat Vulnerability (CVE-2025-24813) Exploited to Execute Code on Servers
A critical vulnerability in Apache Tomcat has been actively exploited by attackers to achieve remote code execution (RCE) on vulnerable servers. This vulnerability affects versions 9.0.0-M1 to 9.0.98, ...
-
Help Net Security
Week in review: Chrome sandbox escape 0-day fixed, Microsoft adds new AI agents to Security Copilot
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Microsoft’s new AI agents take on phishing, patching, alert fatigue Microsoft is rolling out a new gen ...