CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Cybersecurity News
CVE-2025-0111 & CVE-2025-23209: Palo Alto Firewalls and Craft CMS Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two critical security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploit ...
-
Cybersecurity News
CVE-2024-39327 (CVSS 9.9): Critical IDPKI Flaw Could Allow Illegitimate Certificate Issuance
Eviden, an Atos business, has released a security bulletin addressing multiple vulnerabilities discovered in IDPKI, its Identity and Public Key Infrastructure solution. These vulnerabilities, tracked ...
-
Cybersecurity News
Fluent Bit Vulnerabilities (CVE-2024-50608 & CVE-2024-50609) Could Disrupt Millions of Enterprise Systems
Image: EbryxCybersecurity researchers at Ebryx have identified two vulnerabilities in Fluent Bit, a widely used open-source log processor and forwarder. These vulnerabilities, tracked as CVE-2024-5060 ...
-
Cybersecurity News
Updated ShadowPad Malware Facilitates Ransomware Deployment in Global Attacks
A new report from Trend Micro has revealed that ShadowPad, a modular malware with deep ties to Chinese threat actors, has evolved into a more dangerous cyber threat, now facilitating ransomware attack ...
-
Cybersecurity News
Secure Boot Bypass: U-Boot Vulnerabilities Expose Embedded Devices
U-Boot, a popular bootloader used in a wide range of embedded devices, has received a crucial update to address multiple vulnerabilities that could compromise device security. These vulnerabilities, d ...
-
TheCyberThrone
CISA adds Craft CMS and PaloAlto Flaws to KEV Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) recently added two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. These vulnerabilities are:CVE-2025-23209: ...
-
The Register
Oops, some of our customers' Power Pages-hosted sites were exploited, says Microsoft
Microsoft has fixed a security flaw in its Power Pages website-building SaaS, after criminals got there first – and urged users to check their sites for signs of exploitation. Power Pages is part of M ...
-
Cyber Security News
Ivanti Endpoint Manager Vulnerabilities Proof-of-Concept (PoC) Exploit Released
A cluster of four critical vulnerabilities in Ivanti Endpoint Manager (EPM) has entered a dangerous new phase with the public release of proof-of-concept (PoC) exploit code, escalating risks for organ ...
-
Cyber Security News
New NailaoLocker Ransomware Attacking European Healthcare
European healthcare organizations are facing a sophisticated cyber threat from a newly identified ransomware strain called NailaoLocker, deployed as part of a campaign tracked as Green Nailao by Orang ...
-
BleepingComputer
Chinese hackers use custom malware to spy on US telecom networks
The Chinese state-sponsored Salt Typhoon hacking group uses a custom utility called JumbledPath to stealthily monitor network traffic and potentially capture sensitive data in cyberattacks on U.S. tel ...