CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
CVE-2025-23006 impacts SonicWall SMA 1000 Series
CVE-2025-23006 is a critical pre-authentication deserialization of untrusted data vulnerability identified in SonicWall’s Secure Mobile Access (SMA) 1000 series appliances. This vulnerability poses si ... Read more
-
The Register
One of Salt Typhoon's favorite flaws still wide open on 91% of at-risk Exchange Servers
One of the critical security flaws exploited by China's Salt Typhoon to breach US telecom and government networks has had a patch available for nearly four years - yet despite repeated warnings from l ... Read more
-
The Register
Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management
Cisco has pushed a patch for a critical, 9.9-rated vulnerability in its Meeting Management tool that could allow a remote, authenticated attacker with low privileges to escalate to administrator on af ... Read more
-
BleepingComputer
QNAP fixes six Rsync vulnerabilities in NAS backup, recovery app
QNAP has fixed six rsync vulnerabilities that could let attackers gain remote code execution on unpatched Network Attached Storage (NAS) devices. Rsync is an open-source file synchronization tool that ... Read more
-
Dark Reading
CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught
Source: Kristoffer Tripplaar via Alamy Stock PhotoNEWS BRIEFCyberattackers are using a new threat vector involving several Ivanti vulnerabilities in order to subvert the company's Cloud Service Applia ... Read more
-
BleepingComputer
CISA: Hackers still exploiting older Ivanti bugs to breach networks
CISA and the FBI warned today that attackers are still exploiting Ivanti Cloud Service Appliances (CSA) security flaws patched since September to breach vulnerable networks. The vulnerabilities chaine ... Read more
-
The Register
SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix
SonicWall is warning customers of a critical vulnerability that was potentially already exploited as a zero-day. The bug affects SonicWall's Secure Mobile Access (SMA) line, specifically the SMA 1000 ... Read more
-
BleepingComputer
SonicWall warns of SMA1000 RCE flaw exploited in zero-day attacks
SonicWall is warning about a pre-authentication deserialization vulnerability in SonicWall SMA1000 Appliance Management Console (AMC) and Central Management Console (CMC), with reports that it has bee ... Read more
-
BleepingComputer
Stealthy 'Magic Packet' malware targets Juniper VPN gateways
A malicious campaign has been specifically targeting Juniper edge devices, many acting as VPN gateways, with malware dubbed J-magic that starts a reverse shell only if it detects a “magic packet” in t ... Read more
-
The Hacker News
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits
Firmware Security / Vulnerability An exhaustive evaluation of three firewall models from Palo Alto Networks has uncovered a host of known security flaws impacting the devices' firmware as well as misc ... Read more