CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
CISA Adds Critical React2Shell Vulnerability to KEV Catalog Following Active Exploitation
A critical vulnerability affecting Meta React Server Components has been added to the Known Exploited Vulnerabilities catalog, signalling widespread active exploitation by CISA. Tracked as CVE-2025-55 ...
-
TheCyberThrone
Google Chrome 143 Stable Channel Released
December 8, 2025Google Chrome 143 patches four high-severity vulnerabilities (CVE-2025-13630 to CVE-2025-13633), all enabling remote code execution, privilege escalation, or sandbox escapes when chain ...
-
CybersecurityNews
Critical Cal.com Vulnerability Let Attackers Bypass Authentication Via Fake TOTP Codes
A severe authentication bypass vulnerability has been discovered in cal.com, the popular open-source scheduling platform. Allowing attackers to gain unauthorized access to user accounts by submitting ...
-
The Hacker News
⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More
It's been a week of chaos in code and calm in headlines. A bug that broke the internet's favorite framework, hackers chasing AI tools, fake apps stealing cash, and record-breaking cyberattacks — all w ...
-
The Register
Barts Health seeks High Court block after Clop pillages NHS trust data
Barts Health NHS Trust has confirmed that patient and staff data was stolen in Clop's mass-exploitation of Oracle's E-Business Suite (EBS), and says it is now taking legal action in an effort to stop ...
-
security.nl
Cloudflare: grote storing veroorzaakt door aanpassing wegens React-lek
De grote Cloudflare-storing die zich vorige week voordeed, en waardoor allerlei websites en diensten onbereikbaar waren, werd volgens het internetbedrijf veroorzaakt door een aanpassing die het wegens ...
-
CybersecurityNews
Critical WatchGuard Firebox Vulnerabilities Let Attackers Bypass Integrity Checks and Inject Malicious Codes
Critical security alerts have been issued for Firebox firewall devices due to serious ten vulnerabilities. The vulnerabilities in WatchGuard, disclosed on December 4, 2025, span multiple severity leve ...
-
CybersecurityNews
OceanLotus Hacker Group Targeting Xinchuang IT Ecosystems to Launch Supply Chain Attacks
The OceanLotus hacker group, widely tracked as APT32, has initiated a highly targeted surveillance campaign aimed at China’s “Xinchuang” IT ecosystem. This strategic pivot focuses on compromising indi ...
-
The Cyber Express
Barts Health Confirms Cl0p Ransomware Behind Data Breach Linked to Oracle Vulnerability
Barts Health NHS Trust has confirmed that the data breach at Barts Health was carried out by the Russian-speaking Cl0p ransomware group, which exploited a vulnerability in Oracle E-Business Suite. The ...
-
The Hacker News
Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks
A critical security flaw in the Sneeit Framework plugin for WordPress is being actively exploited in the wild, per data from Wordfence. The remote code execution vulnerability in question is CVE-2025- ...