CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Final Patch of 2025: Critical SAP Solution Manager Flaw (CVE-2025-42880, CVSS 9.9) Risks Full System Compromise
Today, SAP has released its final security update of the year, dropping 14 new security notes. The patch bundle is headlined by a critical “Code Injection” vulnerability in SAP Solution Manager that c ...
-
CybersecurityNews
500+ Apache Tika Toolkit Instances Vulnerable to Critical XXE Attack Exposed Online
Over 565 internet-exposed Apache Tika Server instances are vulnerable to a critical XML External Entity (XXE) injection flaw. That could enable attackers to steal sensitive data, launch denial-of-serv ...
-
CybersecurityNews
Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities
PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and CVE- ...
-
Daily CyberSecurity
Critical Authentication Bypass Flaws Discovered in Ruby SAML Library (CVE-2025-66567 & CVE-2025-66568)
A pair of critical security vulnerabilities has been disclosed in the Ruby SAML library, a foundational tool used by developers to implement client-side SAML authorization. Both flaws carry a critical ...
-
Daily CyberSecurity
CISA KEV Alert: EOL D-Link and Array Networks Command Injection Under Active Attack
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with two distinct but equally dangerous threats: a critical flaw in legacy D-L ...
-
TheCyberThrone
CISA Adds Array Networks and D-Link Vulnerabilities to KEV Catalog
December 9, 2025CISA has recently added critical vulnerabilities from Array Networks ArrayOS AG VPN devices and D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, signaling active re ...
-
CrowdStrike.com
Falcon Shield Evolves with AI Agent Visibility and Falcon Next-Gen SIEM Integration
CrowdStrike Falcon Shield will provide a centralized view of AI agents across applications and now integrates first-party SaaS telemetry into Falcon Next-Gen SIEM. CrowdStrike is introducing two power ...
-
CybersecurityNews
CISA Adds Critical React2Shell Vulnerability to KEV Catalog Following Active Exploitation
A critical vulnerability affecting Meta React Server Components has been added to the Known Exploited Vulnerabilities catalog, signalling widespread active exploitation by CISA. Tracked as CVE-2025-55 ...
-
TheCyberThrone
Google Chrome 143 Stable Channel Released
December 8, 2025Google Chrome 143 patches four high-severity vulnerabilities (CVE-2025-13630 to CVE-2025-13633), all enabling remote code execution, privilege escalation, or sandbox escapes when chain ...
-
CybersecurityNews
Critical Cal.com Vulnerability Let Attackers Bypass Authentication Via Fake TOTP Codes
A severe authentication bypass vulnerability has been discovered in cal.com, the popular open-source scheduling platform. Allowing attackers to gain unauthorized access to user accounts by submitting ...