CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Apple fixes this year’s first actively exploited zero-day bug
Apple has released security updates to fix this year's first zero-day vulnerability, tagged as actively exploited in attacks targeting iPhone users. The zero-day fixed today is tracked as CVE-2025-24 ...
-
BleepingComputer
Clone2Leak attacks exploit Git flaws to steal credentials
A set of three distinct but related attacks, dubbed 'Clone2Leak,' can leak credentials by exploiting how Git and its credential helpers handle authentication requests. The attack can compromise passwo ...
-
Help Net Security
5,000+ SonicWall firewalls still open to attack (CVE-2024-53704)
5,000+ SonicWall firewalls are still vulnerable to attack via a high-severity vulnerability (CVE-2024-53704) that, according to SonicWall, should be considered “at imminent risk of exploitation”. The ...
-
The Hacker News
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
Vulnerability / Software Security Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacke ...
-
Krypt3ia
Krypt3ia Daily Cyber Threat Intelligence (CTI) Digest
Date: 1.27.25 Top Headlines Industry leaders explain how AI will change cybersecurity Summary: COMMENTARY: Over the past year, the security industry has grappled with the widespread adoption of AI as ...
-
The Hacker News
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [27 January]
Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we're breaking down the sophisticated world of AI-d ...
-
TheCyberThrone
CVE-2024-50050 impacts Meta’s Llama Stack framework
BackgroundCVE-2024-50050 is a significant security vulnerability identified in Meta’s Llama Stack, a popular framework for building and deploying generative AI (GenAI) applications. This vulnerability ...
-
security.nl
Microsoft roept SonicWall-klanten op om beveiligingsupdate te installeren
Microsoft heeft klanten van securitybedrijf SonicWall met een SMA1000-gateway opgeroepen om een kwetsbaarheid voor een actief aangevallen kwetsbaarheid te installeren. Via het beveiligingslek (CVE-202 ...
-
InfoSec Write-ups
Strutted Walkthrough — HackTheBox
IntroductionIn this write-up, We’ll go through a medium Linux machine where we first gain an initial foothold by exploiting the Apache Struts 2 CVE, followed by leveraging a misconfigured sudo permiss ...
-
TheCyberThrone
CVE-2024-53299 impacts Apache Wicket
BackgroundCVE-2024-53299 is a significant security vulnerability identified in Apache Wicket, specifically impacting versions prior to 9.19.0 and 10.3.0. This vulnerability allows attackers to initiat ...