CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2024-56000 (CVSS 9.8): Account Takeover Flaw in KLEO WordPress Theme
A critical vulnerability has been discovered in the KLEO WordPress theme, potentially allowing attackers to take over user accounts. The vulnerability, tracked as CVE-2024-56000 and assigned a CVSS sc ...
-
Cybersecurity News
Publicly Disclosed Exploits Put D-Link DIR-823 Users in Danger – No Security Fixes
D-Link has issued a security advisory concerning multiple vulnerabilities affecting the DIR-823 wireless router, revision A1, running firmware version 1.20B07. These vulnerabilities include stack-base ...
-
Cyber Security News
Auto-Generated Password Vulnerability In Sitevision Leaks Signing Key
A critical security flaw in Sitevision CMS versions 10.3.1 and older has exposed SAML authentication signing keys, enabling potential authentication bypass and session hijacking. The vulnerability, tr ...
-
Dark Reading
Cisco Confirms Salt Typhoon Exploitation in Telecom Hits
Source: Geopix / Alamy Stock PhotoNEWS BRIEFFollowing research reports last week that Salt Typhoon, the Chinese threat actor known for spying on communications networks, exploited a Cisco vulnerabilit ...
-
BleepingComputer
CISA flags Craft CMS code injection flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high seve ...
-
Krypt3ia
Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest
Date: 2.21.25 Top Headlines Firing of 130 CISA staff worries cybersecurity industry Summary: The firing of upwards of 130 cybersecurity professionals at the US Cybersecurity and Infrastructure Securit ...
-
TheCyberThrone
MongoDB is affected by Twin Critical Vulnerabilities
CVE-2025-23061: Mongoose Search Injection VulnerabilityDescription: CVE-2025-23061 is a critical vulnerability identified in Mongoose versions prior to 8.9.5. The vulnerability arises due to the impro ...
-
SentinelOne
The Good, the Bad and the Ugly in Cybersecurity – Week 8
The Good | Chrome & Firefox Release Patches for Several High-Severity Vulnerabilities This week, Google and Mozilla released a new round of critical updates for Chrome 133 and Firefox 125, patching se ...
-
Cyber Security News
CL0P Ransomware Attacking Telecommunications & Healthcare Sectors In Large Scale
The CL0P ransomware group has intensified attacks on critical infrastructure sectors, with telecommunications and healthcare organizations worldwide reporting mass data breaches and system encryption. ...
-
cert.pl
Vulnerability in Wyn Enterprise software
CVE ID CVE-2024-9150 Publication date 21 February 2025 Vendor Wyn Enterprise Product Wyn Enterprise Vulnerable versions All before 8.0.00204.0 Vulnerability type (CWE) Improper Neutralization of Speci ...