CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CISA KEV Catalog Update Part VII – March 2025
CISA’s add vulnerabilities related to Sitecore CMS and Reviewdog GitHub Actions to its Known Exploited Vulnerabilities (KEV) catalog1. Sitecore CMS VulnerabilitiesCISA has identified critical vulnerab ...
-
Cybersecurity News
CVE-2025-2848: Synology Mail Server Vulnerability Allows Remote Configuration Tampering
A recently disclosed vulnerability in Synology Mail Server could allow remote authenticated attackers to tamper with system configurations, potentially impacting the stability of mail services in ente ...
-
Cyber Security News
Exim Use-After-Free Vulnerability Allows Privilege Escalation
A critical security vulnerability has been identified in the widely used Exim mail transfer agent (MTA), potentially allowing attackers with command-line access to escalate privileges on affected syst ...
-
The Hacker News
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
Vulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to it ...
-
Cybersecurity News
Windows Print Glitch Fixed: KB5053657
Microsoft released the optional non-security update (KB5053657) to Windows 10 and 11 yesterday. These updates are typically intended for testing purposes and, if found to be stable, are incorporated i ...
-
The Hacker News
NetApp SnapCenter Flaw Could Let Users Gain Remote Admin Access on Plug-In Systems
Vulnerability / Enterprise Security A critical security flaw has been disclosed in NetApp SnapCenter that, if successfully exploited, could allow privilege escalation. SnapCenter is an enterprise-focu ...
-
TheCyberThrone
Google Chrome was affected by CVE-2025-2783
CVE-2025-2783 is a zero-day vulnerability affecting Google Chrome, uncovered in a targeted cyber-espionage campaign known as Operation ForumTroll. This critical flaw has allowed attackers to bypass Ch ...
-
Cybersecurity News
Millions at Risk: PoC Exploit Releases for Vite Arbitrary File Read Flaw (CVE-2025-30208)
Vite, the blazing-fast frontend build tool that powers millions of modern web applications, has been found vulnerable to a file access control bypass flaw that could expose arbitrary file contents to ...
-
Cyber Security News
Splunk RCE Vulnerability Let Attackers Execute Arbitrary Code Via File Upload
Splunk has released patches to address a high-severity Remote Code Execution (RCE) vulnerability affecting Splunk Enterprise and Splunk Cloud Platform. The vulnerability, identified as CVE-2025-20229, ...
-
Cybersecurity News
CVE-2025-2825: Critical Vulnerability in CrushFTP Exposes Servers to Unauthenticated Access Risk
Admins urged to patch immediately as CrushFTP discloses high-severity flaw impacting versions 10 and 11.A new high-severity vulnerability has been disclosed in CrushFTP, a widely used secure file tran ...