CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Security Alert: Apache SkyWalking Stored XSS Vulnerability (CVE-2025-54057)
Apache SkyWalking, the widely adopted open-source Application Performance Monitoring (APM) system used for distributed systems in Cloud Native architectures, has released a critical security update. T ...
-
CybersecurityNews
New Unauthenticated DoS Vulnerability Crashes Next.js Servers with a Single Request
A newly discovered critical vulnerability in the Next.js framework allows attackers to crash self-hosted servers using a single HTTP request, requiring negligible resources to execute. Discovered by r ...
-
Daily CyberSecurity
Critical Ray AI Flaw Exposes Devs via Safari & Firefox (CVE-2025-62593)
A critical remote code execution (RCE) vulnerability has been discovered in the Ray framework, putting AI and Python developers at risk of having their systems compromised. The vulnerability, tracked ...
-
Daily CyberSecurity
Water Gamayun Weaponizes “MSC EvilTwin” Zero-Day for Stealthy Backdoor Attacks
A sophisticated new cyber espionage campaign has been uncovered by Zscaler Threat Hunting, revealing how a Russia-aligned Advanced Persistent Threat (APT) group known as Water Gamayun is weaponizing a ...
-
Daily CyberSecurity
Hidden Danger in 3D: Malicious Blender Files Unleash StealC V2 Infostealer
Morphisec has issued a critical alert regarding a sophisticated malware campaign targeting 3D artists, game developers, and hobbyists. For at least six months, threat actors have been weaponizing 3D m ...
-
Daily CyberSecurity
Zero-Day Warning: Unpatched Twonky Server Flaws Expose Media to Total Takeover
A critical security warning has been issued for users of Twonky Server, the popular media server software found on countless NAS devices and routers. In a concerning development, researchers at Rapid7 ...
-
Daily CyberSecurity
Angular Alert: Protocol-Relative URLs Leak XSRF Tokens (CVE-2025-66035)
The Angular team has issued a high-severity security advisory regarding a logic flaw in the framework’s HTTP Client that could render applications vulnerable to Cross-Site Request Forgery (CSRF) attac ...
-
Daily CyberSecurity
GitLab Patch: Fixes CI/CD Credential Theft & Unauthenticated DoS Attacks
GitLab has released an important security update today affecting both its Community Edition (CE) and Enterprise Edition (EE). The release addresses multiple high-severity vulnerabilities, ranging from ...
-
BleepingComputer
New ShadowV2 botnet malware used AWS outage as a test opportunity
A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. Fortinet’s FortiGuard Labs re ...
-
Kaspersky
Microsoft Exchange on-premises hardening recommendations
Few cybersecurity experts would dispute that attacks on Microsoft Exchange servers should be viewed as inevitable, and the risk of compromise remains consistently high. In October, Microsoft ended sup ...