CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
Web Security / Vulnerability A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its ...
-
Cyber Security News
Pegasus Spyware Used Widely to Target Individuals in Private Industry & Finance Sectors
Pegasus spyware, once considered a tool for targeting journalists and activists—is now being deployed against executives in the private sector, including finance, real estate, and logistics. In a Dece ...
-
Cyber Security News
SPAWNCHIMERA Malware Exploiting Ivanti Buffer Overflow Vulnerability By Applying A Fix
Ivanti disclosed a critical buffer overflow vulnerability (CVE-2025-0282) affecting its Connect Secure VPN appliances. This vulnerability, caused by improper handling of the strncpy function in the we ...
-
The Register
Ivanti endpoint manager can become endpoint ravager, thanks to quartet of critical flaws
Security engineers have released a proof-of-concept exploit for four critical Ivanti Endpoint Manager bugs, giving those who haven't already installed patches released in January extra incentive to re ...
-
The Cyber Express
Improper Certificate Validation in RadiAnt DICOM Viewer Puts Healthcare Systems at Risk
A newly identified cybersecurity vulnerability in Medixant’s RadiAnt DICOM Viewer has raised concerns about potential security threats in the healthcare sector. The vulnerability tracked as CVE-2025-1 ...
-
seclists.org
MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
Full Disclosure mailing list archives From: Qualys Security Advisory via Fulldisclosure <fulldisclosure () seclists org> Date: Tue, 18 Feb 2025 10:28:30 +0000 Qualys Security Advisory CVE-2025-26465: ...
-
Cyber Security News
Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability
Google’s Project Zero and Mandiant cybersecurity teams have jointly published a proof-of-concept (PoC) exploit for a high-severity command injection vulnerability in Palo Alto Networks’ PAN-OS OpenCon ...
-
Cybersecurity News
Google Releases PoC for CVE-2025-0110 Command Injection in PAN-OS Firewalls
A Google researcher has disclosed details and a proof-of-concept (PoC) exploit for a vulnerability (CVE-2025-0110) in Palo Alto Networks’ PAN-OS firewall software. The vulnerability, assigned a CVSSv4 ...
-
TheCyberThrone
Atlassian’s Security Advisory Addresses Multiple Vulnerabilities
In February 2025, Atlassian released a comprehensive security advisory addressing 12 critical and high-severity vulnerabilities across its suite of products, including Bamboo, Bitbucket, Confluence, C ...
-
Cybersecurity News
CVE-2025-23115 & CVE-2025-23116: Hackers Can Hijack Ubiquiti UniFi Protect Cameras
Ubiquiti, a leading provider of networking equipment, has issued a critical security advisory concerning multiple vulnerabilities discovered in its UniFi Protect line of cameras. These vulnerabilities ...