CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
CISA Adds Digiever Authorization Vulnerability to KEV List Following Active Exploitation
A critical vulnerability affecting Digiever DS-2105 Pro network video recorders was added to the Known Exploited Vulnerabilities (KEV) catalog on December 22, 2025, following evidence of active exploi ...
-
The Hacker News
Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances
Dec 23, 2025Ravie LakshmananVulnerability / Workflow Automation A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could re ...
-
Daily CyberSecurity
Anna’s Archive Claims 300TB Spotify Mirror, Forcing an Investigation Into a Massive Music Data Leak
The shadow library Anna’s Archive has claimed that it has carried out a large-scale “mirror” of Spotify’s music catalog and intends to distribute it via torrents totaling roughly 300 terabytes. Spotif ...
-
Daily CyberSecurity
Critical Unauthenticated MongoDB Flaw Leaks Sensitive Data via zlib Compression
A critical vulnerability was disclosed in MongoDB, one of the world’s most popular NoSQL database platforms. The security flaw, tracked as CVE-2025-14847, allows attackers to siphon sensitive data fro ...
-
Daily CyberSecurity
Identity Theft in M-Files: High-Severity Flaw Lets Insiders Hijack User Accounts and Access Sensitive Data
M-Files, the intelligent information management platform used by enterprises to organize their documents, has issued a security advisory addressing two distinct vulnerabilities. The most critical of t ...
-
Daily CyberSecurity
AI-Generated Decoys & XLL Stealth: Inside the New “EchoGather” Cyber Espionage Campaign
A cyber-espionage group known for hunting Russian organizations has upgraded its arsenal, deploying malicious Excel add-ins to slip past defenses and install a new backdoor. A new report from Intezer ...
-
Daily CyberSecurity
Zero-Day Alert: Linksys Auth Bypass Lets Hackers Hijack Routers Without Passwords
Image: CSIT A popular Wi-Fi 6 router found in thousands of homes has been blown wide open by security researchers, revealing a critical flaw that allows attackers to bypass login screens and seize ful ...
-
CybersecurityNews
PoC Exploit Released for Use-After-Free Vulnerability in Linux Kernel’s POSIX CPU Timers Implementation
A proof-of-concept (PoC) exploit has been publicly released for CVE-2025-38352, a race condition vulnerability affecting the Linux kernel’s POSIX CPU timer implementation. The flaw enables attackers t ...
-
CybersecurityNews
Microsoft Brokering File System Vulnerability Let Attackers Escalate Privileges
Microsoft has patched a significant use-after-free vulnerability in its Brokering File System (BFS) driver, tracked as CVE-2025-29970. The flaw enables local attackers to escalate privileges on Window ...
-
BleepingComputer
University of Phoenix data breach impacts nearly 3.5 million individuals
The Clop ransomware gang has stolen the data of nearly 3.5 million University of Phoenix (UoPX) students, staff, and suppliers after breaching the university's network in August. Headquartered in Phoe ...