CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
security.nl
VS meldt actief misbruik van kritieke XSS-kwetsbaarheid in Zimbra
Aanvallers maken actief misbruik van een oudere kritieke XSS-kwetsbaarheid in Zimbra of hebben dit gedaan, zo meldt het Cybersecurity and Infrastructure Security Agency (CISA) van het Amerikaanse mini ...
-
Cyber Security News
Rsync Vulnerabilities Let Hackers Gain Full Control of Servers – PoC Released
Critical vulnerabilities in the Rsync file synchronization tool enable attackers to execute arbitrary code on vulnerable servers, exfiltrate sensitive data, and bypass critical security controls. The ...
-
Kaspersky
Exploits and vulnerabilities in Q4 2024
Q4 2024 saw fewer published exploits for Windows and Linux compared to the first three quarters. Although the number of registered vulnerabilities continued to rise, the total number of Proof of Conce ...
-
Cyber Security News
WordPress Plugin Vulnerability Exposes Millions of Websites to Script Injection Attacks
A critical security vulnerability in the Essential Addons for Elementor plugin (CVE-2025-24752) has put over two million WordPress websites at risk of cross-site scripting (XSS) attacks. The vulnerabi ...
-
Cyber Security News
2850+ Ivanti Connect Secure Devices Vulnerable to Remote Code Execution Attacks
A critical vulnerability, CVE-2025-22467, in Ivanti Connect Secure (ICS) devices has left approximately 2,850 instances worldwide unpatched and vulnerable to remote code execution (RCE) attacks. This ...
-
The Register
200-plus impressively convincing GitHub repos are serving up malware
Infosec bytes Kaspersky says it has found more than 200 GitHub repos hosting fairly convincing-looking fake projects laced with malicious software. The Russian infosec house reckons the rotten reposit ...
-
Cyber Security News
CISA Warns of Microsoft Partner Center Access Control Vulnerability Exploited in Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent advisory on February 25, 2025, confirming that threat actors are actively exploiting a critical privilege escalation v ...
-
The Hacker News
CISA Adds Microsoft and Zimbra Flaws to KEV Catalog Amid Active Exploitation
Enterprise Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed two security flaws impacting Microsoft Partner Center and Synacor Zimbra Collabor ...
-
Cybersecurity News
CVE-2024-12084 & CVE-2024-12085: Rsync Flaws Allow Hackers to Take Over Servers, PoC Published
A set of high-risk vulnerabilities has been disclosed in Rsync, the widely used file synchronization and data transfer tool. Security researchers Simon Scannell, Pedro Gallegos, and Jasiel Spelman fro ...
-
Cybersecurity News
SoaPy: A New Tool for Stealthy Active Directory Enumeration via ADWS
Enumeration of service accounts using SoaPy | Image: IBMIBM X-Force Research has introduced SoaPy, a new Python-based tool designed for stealthy Active Directory (AD) enumeration using Active Director ...