CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Jan 01, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devi ...
-
Daily CyberSecurity
Apache NuttX RTOS Patches Two Filesystem Flaws
The Apache Software Foundation has released updates for Apache NuttX, a real-time operating system (RTOS) widely used in environments ranging from 8-bit to 64-bit microcontrollers. The alerts highligh ...
-
Daily CyberSecurity
Hijacked Mobility: CISA Warns of Critical 9.8 Flaw Allowing Remote Control of WHILL Power Chairs
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a critical safety vulnerability in popular electric mobility devices that could turn a user’s wheelchair in ...
-
Daily CyberSecurity
The $130 Billion Comeback: Why Apple’s “Slow” AI Strategy is a 2026 Trap
Although Apple’s 2025 software updates appeared to shift the marketing spotlight toward the “Liquid Glass” visual interface rather than loudly championing generative AI—prompting criticism that the co ...
-
BleepingComputer
RondoDox botnet exploits React2Shell flaw to breach Next.js servers
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
-
CybersecurityNews
Critical IBM API Connect Vulnerability Let Attackers Bypass Logins
A critical security alert regarding a severe vulnerability in the IBM API Connect platform that could allow remote attackers to bypass authentication mechanisms. Discovered during internal testing, th ...
-
The Hacker News
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass
Dec 31, 2025Ravie LakshmananAPI Security / Vulnerability IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The ...
-
hackread.com
30,000 Korean Air Employee Records Stolen as Cl0p Leaks Data Online
In a worrying turn of events for the aviation industry, Korean Air has confirmed that the personal details of roughly 30,000 current and former employees have been stolen. This news, shared on Decembe ...
-
BleepingComputer
IBM warns of critical API Connect auth bypass vulnerability
IBM urged customers to patch a critical authentication bypass vulnerability in its API Connect enterprise platform that could allow attackers to access apps remotely. API Connect is an application pro ...
-
CybersecurityNews
Critical Apache StreamPipes Vulnerability Let Attackers Seize Admin Control
A security patch addressing a critical privilege escalation vulnerability that allows unauthorized users to gain administrative access to the data streaming platform. The flaw, tracked as CVE-2025-474 ...