CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Exim Mail Transfer Vulnerability Let Attackers Inject Malicious SQL Queries
Security researchers have uncovered a critical SQL injection vulnerability (CVE-2025-26794) in Exim, the widely-used mail transfer agent (MTA) that powers over 60% of internet mail servers. The flaw e ...
-
Cyber Security News
PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability
Security researchers have released proof-of-concept (PoC) exploit code for CVE-2025-20029, a high-severity command injection vulnerability affecting F5’s BIG-IP application delivery controllers. The f ...
-
Cyber Security News
Nagios XI Vulnerability Allows Unauthenticated Users to View Other User Details & Email
A significant security vulnerability (CVE-2024-54961) has been identified in Nagios XI 2024R1.2.2, enabling unauthenticated attackers to retrieve sensitive user information, including usernames and em ...
-
Cyber Security News
Fluent Bit 0-day Vulnerabilities Exposes Billions of Production Environments to Cyber Attacks
Researchers uncovered critical zero-day vulnerabilities in Fluent Bit, a ubiquitous logging utility embedded in cloud infrastructure across major providers like AWS, Google Cloud, and Microsoft Azure. ...
-
Cyber Security News
UniFi Protect Camera Vulnerability Allows Remote Code Execution Attacks
Ubiquiti Networks has issued an urgent security advisory addressing five critical vulnerabilities in its UniFi Protect camera ecosystem, including two flaws enabling unauthenticated remote code execut ...
-
Cybersecurity News
Australia Bans Kaspersky Products from Government Systems, Citing “Unacceptable Security Risk”
The Australian Government has issued a new directive banning the use of Kaspersky Lab products and web services across all government systems and devices. The directive, issued by the Department of Ho ...
-
The Register
Rather than add a backdoor, Apple decides to kill iCloud E2EE for UK peeps
Infosec in brief Apple has responded to the UK government's demand for access to its customers’ data stored in iCloud by deciding to turn off its Advanced Data Protection (ADP) end-to-end encryption s ...
-
TheCyberThrone
Cisco detailed Salt Typhoon Attack on Telecom Networks
The Salt Typhoon cyber espionage campaign has been meticulously analyzed by Cisco Talos, revealing a highly sophisticated operation targeting global telecommunications networks. This campaign, attribu ...
-
Cybersecurity News
0-Day in Parallels Desktop Allows Root Privilege Escalation, PoC Released
Credit: Mickey JinA newly disclosed 0-day vulnerability in Parallels Desktop has exposed a root privilege escalation flaw, bypassing the patch for CVE-2024-34331. Independent researcher Mickey Jin (@p ...
-
Cybersecurity News
CVE-2024-56171 & CVE-2025-24928: Libxml2 Flaws Could Lead to Code Execution
Libxml2,a widely used XML parsing library developed for the GNOME project but also utilized across various platforms, including Linux, Windows, macOS, and Unix-based systems, has been found to contain ...