CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Clop ransomware targets Gladinet CentreStack in data theft attacks
The Clop ransomware gang (also known as Cl0p) is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion campaign. Gladinet CentreStack enables businesses to securel ...
-
BleepingComputer
New password spraying attacks target Cisco, PAN VPN gateways
An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks GlobalProtect and Cisco SSL VPN. On December 11, threat monitoring platfor ...
-
TheCyberThrone
Cisco Hits Perfect 10 with Secure Email Gateway Bug
Cisco’s CVE-2025-20393 is a CVSS 10.0 zero-day in Cisco AsyncOS that gives unauthenticated attackers full root control over Cisco Secure Email Gateway and Secure Email and Web Manager when the Spam Qu ...
-
The Hacker News
HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution
Dec 18, 2025Ravie LakshmananVulnerability / Enterprise Security Hewlett Packard Enterprise (HPE) has resolved a maximum-severity security flaw in OneView Software that, if successfully exploited, co ...
-
CybersecurityNews
CISA Adds ASUS Embedded Malicious Code Vulnerability to KEV List Following Active Exploitation
CISA has added a new ASUS vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling urgent risk for affected users and organizations. The flaw, tracked as CVE-2025-59374, affects A ...
-
security.nl
Kritiek beveiligingslek in FreeBSD maakt remote code execution mogelijk
Een kritiek beveiligingslek in FreeBSD maakt remote code execution mogelijk, waarbij een aanvaller in hetzelfde netwerksegment moet zitten als het doelwit. Er zijn beveiligingsupdates uitgebracht om h ...
-
The Register
Another bad week for SonicWall as SMA 1000 zero-day under active exploit
SonicWall has warned customers of a zero-day flaw in its SMA 1000 remote-access appliance that's being actively exploited, potentially allowing attackers to escalate privileges and take over boxes. Th ...
-
CybersecurityNews
HPE OneView Software Vulnerability Let Attackers Execute Remote Code
A critical security alert warns customers about a severe vulnerability in HPE OneView Software that could allow remote attackers to execute arbitrary code without authentication. The flaw, tracked as ...
-
CybersecurityNews
Cisco Unified Contact Center Express Vulnerabilities Enables Remote Code Execution Attacks
A critical security advisory addressing multiple severe vulnerabilities in Cisco Unified Contact Center Express (Unified CCX). That could allow unauthenticated remote attackers to execute arbitrary co ...
-
The Hacker News
ThreatsDay Bulletin: WhatsApp Hijacks, MCP Leaks, AI Recon, React2Shell Exploit and 15 More Stories
This week's ThreatsDay Bulletin tracks how attackers keep reshaping old tools and finding new angles in familiar systems. Small changes in tactics are stacking up fast, and each one hints at where the ...