CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cyber Security News
Auto-Generated Password Vulnerability In Sitevision Leaks Signing Key
A critical security flaw in Sitevision CMS versions 10.3.1 and older has exposed SAML authentication signing keys, enabling potential authentication bypass and session hijacking. The vulnerability, tr ...
-
Dark Reading
Cisco Confirms Salt Typhoon Exploitation in Telecom Hits
Source: Geopix / Alamy Stock PhotoNEWS BRIEFFollowing research reports last week that Salt Typhoon, the Chinese threat actor known for spying on communications networks, exploited a Cisco vulnerabilit ...
-
BleepingComputer
CISA flags Craft CMS code injection flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high seve ...
-
Krypt3ia
Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest
Date: 2.21.25 Top Headlines Firing of 130 CISA staff worries cybersecurity industry Summary: The firing of upwards of 130 cybersecurity professionals at the US Cybersecurity and Infrastructure Securit ...
-
TheCyberThrone
MongoDB is affected by Twin Critical Vulnerabilities
CVE-2025-23061: Mongoose Search Injection VulnerabilityDescription: CVE-2025-23061 is a critical vulnerability identified in Mongoose versions prior to 8.9.5. The vulnerability arises due to the impro ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 8
The Good | Chrome & Firefox Release Patches for Several High-Severity Vulnerabilities This week, Google and Mozilla released a new round of critical updates for Chrome 133 and Firefox 125, patching se ...
-
Cyber Security News
CL0P Ransomware Attacking Telecommunications & Healthcare Sectors In Large Scale
The CL0P ransomware group has intensified attacks on critical infrastructure sectors, with telecommunications and healthcare organizations worldwide reporting mass data breaches and system encryption. ...
-
cert.pl
Vulnerability in Wyn Enterprise software
CVE ID CVE-2024-9150 Publication date 21 February 2025 Vendor Wyn Enterprise Product Wyn Enterprise Vulnerable versions All before 8.0.00204.0 Vulnerability type (CWE) Improper Neutralization of Speci ...
-
Cyber Security News
Cyber Threat Actors Leveraging Exploits To Attack Financial Sector With Advanced Malware
The financial sector remains a prime target for cybercriminals and state-sponsored groups, with 2024 witnessing a surge in sophisticated attacks exploiting zero-day vulnerabilities, supply chain weakn ...
-
security.nl
VS meldt actief misbruik van rce-kwetsbaarheid in Craft CMS
Aanvallers maken actief misbruik van een kwetsbaarheid in contentmanagementsysteem (CMS) Craft waardoor remote code execution mogelijk is, zo meldt het Amerikaanse cyberagentschap CISA. Meer dan veert ...