CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Cybersecurity News Weekly Newsletter – 29.7 Tbps DDoS Attack, Chrome 143, React2Shell Vulnerabilities, and Cloudflare Outage
This week’s cybersecurity landscape featured a record-breaking 29.7 Tbps DDoS attack on a financial institution, leveraging IoT botnets and UDP floods that overwhelmed European networks until mitigate ...
-
Help Net Security
Week in review: React, Node.js flaw patched, ransomware intrusion exposes espionage foothold
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Creative cybersecurity strategies for resource-constrained institutions In this Help Net Security inte ...
-
TheCyberThrone
React2Shell: The Silent Server Takeover – Exploit Chains and Threat Actor Onslaught
In late 2025, React Server Components (RSC) electrified the web dev world, powering Next.js apps with seamless server-client fusion across Vercel, Netlify, and AWS Lambda. Millions of sites lit up wit ...
-
CybersecurityNews
Hackers Launch Widespread Attacks on Palo Alto GlobalProtect Portals from 7,000+ IPs
In an escalating campaign targeting remote access infrastructure, threat actors have initiated active exploitation attempts against Palo Alto Networks’ GlobalProtect VPN portals. GrayNoise tracking ac ...
-
BleepingComputer
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already compromise ...
-
The Hacker News
Researchers Uncover 30+ Flaws in AI Coding Tools Enabling Data Theft and RCE Attacks
Dec 06, 2025Ravie LakshmananAI Security / Vulnerability Over 30 security vulnerabilities have been disclosed in various artificial intelligence (AI)-powered Integrated Development Environments (IDEs ...
-
The Hacker News
Critical React2Shell Flaw Added to CISA KEV After Confirmed Active Exploitation
Dec 06, 2025Ravie LakshmananVulnerability / Patch Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday formally added a critical security flaw impacting React Server ...
-
TheCyberThrone
Apache Tika CVE-2025-66516 Scores Perfect 10
December 6, 2025CVE-2025-66516, a critical XXE vulnerability in Apache Tika’s core with CVSS 10.0, exposes organizations to data exfiltration and SSRF through malicious PDF uploads, affecting document ...
-
CybersecurityNews
2.15M Web Services Running Next.js Exposed Over Internet, Active Exploitation Underway – Patch Now
A critical unauthenticated remote code execution vulnerability dubbed “React2Shell” is actively being exploited in the wild, putting millions of web services at risk. On December 3, React disclosed CV ...
-
CybersecurityNews
Avast Antivirus Sandbox Vulnerabilities Let Attackers Escalate Privileges
Security researchers from the SAFA team have uncovered four kernel heap overflow vulnerabilities in Avast Antivirus, all traced to the aswSnx kernel driver. The flaws, now tracked collectively as CVE- ...