CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CVE-2025-24989 added to CISA KEV
CVE-2025-24989 is a high security vulnerability that has been added to the Known Exploited Vulnerabilities (KEV) Catalog by the Cybersecurity and Infrastructure Security Agency (CISA). This inclusion ...
-
InfoSec Write-ups
How I found my first mistake Or why you shouldn’t overlook the obvious.
My story won’t be too long, I am a novice hunter and I want to tell you about how I found my first bug . It’s not a manual on how to find a bug.I chose site and did a quick analysis of it using the to ...
-
Cyber Security News
Salt Typhoon Hackers Exploit Cisco Vulnerability To Gain Access To U.S. Telecom Networks
Cisco Talos has uncovered a sophisticated cyberespionage campaign by the state-aligned “Salt Typhoon” group targeting U.S. telecommunications infrastructure since late 2024. While credential theft rem ...
-
Cybersecurity News
CVE-2024-56000 (CVSS 9.8): Account Takeover Flaw in KLEO WordPress Theme
A critical vulnerability has been discovered in the KLEO WordPress theme, potentially allowing attackers to take over user accounts. The vulnerability, tracked as CVE-2024-56000 and assigned a CVSS sc ...
-
Cybersecurity News
Publicly Disclosed Exploits Put D-Link DIR-823 Users in Danger – No Security Fixes
D-Link has issued a security advisory concerning multiple vulnerabilities affecting the DIR-823 wireless router, revision A1, running firmware version 1.20B07. These vulnerabilities include stack-base ...
-
Cyber Security News
Auto-Generated Password Vulnerability In Sitevision Leaks Signing Key
A critical security flaw in Sitevision CMS versions 10.3.1 and older has exposed SAML authentication signing keys, enabling potential authentication bypass and session hijacking. The vulnerability, tr ...
-
Dark Reading
Cisco Confirms Salt Typhoon Exploitation in Telecom Hits
Source: Geopix / Alamy Stock PhotoNEWS BRIEFFollowing research reports last week that Salt Typhoon, the Chinese threat actor known for spying on communications networks, exploited a Cisco vulnerabilit ...
-
BleepingComputer
CISA flags Craft CMS code injection flaw as exploited in attacks
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high seve ...
-
Krypt3ia
Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest
Date: 2.21.25 Top Headlines Firing of 130 CISA staff worries cybersecurity industry Summary: The firing of upwards of 130 cybersecurity professionals at the US Cybersecurity and Infrastructure Securit ...
-
TheCyberThrone
MongoDB is affected by Twin Critical Vulnerabilities
CVE-2025-23061: Mongoose Search Injection VulnerabilityDescription: CVE-2025-23061 is a critical vulnerability identified in Mongoose versions prior to 8.9.5. The vulnerability arises due to the impro ...