CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Google Warns Multiple Hacker Groups Are Exploiting React2Shell to Spread Malware
Google Threat Intelligence Group (GTIG) has issued a warning regarding the widespread exploitation of a critical security flaw in React Server Components. Known as React2Shell (CVE-2025-55182), this v ...
-
TheCyberThrone
CISA adds Chrome ans Sierra Bugs to KEV Catalog
CISA has added two high‑impact vulnerabilities—CVE‑2025‑14174 in Google Chromium and CVE‑2018‑4063 in Sierra Wireless AirLink ALEOS—to the Known Exploited Vulnerabilities (KEV) catalog after confirmin ...
-
CybersecurityNews
CISA Warns of Google Chromium 0-Day Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical zero-day vulnerability in Google Chromium’s ANGLE graphics engine to its Known Exploited Vulnerabilities (KEV) cat ...
-
The Hacker News
CISA Adds Actively Exploited Sierra Wireless Router Flaw Enabling RCE Attacks
Dec 13, 2025Ravie LakshmananNetwork Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a high-severity flaw impacting Sierra Wireless AirLink A ...
-
Daily CyberSecurity
React2Shell: Max-Score RCE (CVSS 10.0) Triggers Widespread Exploitation by Espionage Groups & Miners
The cybersecurity landscape was jolted this month by the disclosure of a catastrophic vulnerability in one of the world’s most popular web development frameworks. Dubbed “React2Shell,” the flaw has tr ...
-
The Hacker News
Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild
Dec 13, 2025Ravie LakshmananZero-Day / Vulnerability Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security fla ...
-
CybersecurityNews
Apple 0-Day Vulnerabilities Exploited in Sophisticated Attacks Targeting iPhone Users
Apple patches two WebKit zero-day flaws actively exploited in sophisticated attacks targeting specific iPhone users running iOS versions prior to 26. The iOS 26.2 and iPadOS 26.2 updates, released De ...
-
Daily CyberSecurity
Apache Airflow Flaws Leak Sensitive Credentials in UI via DAG Tracebacks & Template Rendering
The maintainers of Apache Airflow, the industry-standard platform for programmatic workflow authoring, have released a crucial security update to plug leaks that could expose sensitive credentials to ...
-
Daily CyberSecurity
Urgent: Apple Patches Two Critical WebKit Zero-Days Under Active Exploitation Against High-Risk Targets
Apple has issued an urgent security intervention for iPhone and iPad users, releasing patches for two critical zero-day vulnerabilities in the WebKit browser engine. In a concerning disclosure, the te ...
-
BleepingComputer
Apple fixes two zero-day flaws exploited in 'sophisticated' attacks
Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an “extremely sophisticated attack” targeting specific individuals. The zero-days are tracked as CVE-2 ...