CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
SAP fixes three critical vulnerabilities across multiple products
SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. The most severe (CVSS score: 9.9) of all the issues is ...
-
BleepingComputer
Windows PowerShell now warns when running Invoke-WebRequest scripts
Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from executing. As Microsoft ex ...
-
BleepingComputer
Microsoft releases Windows 10 KB5071546 extended security update
Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three zero-day flaws. If you are running Windows 10 Enterprise LTSC or are enrolled in t ...
-
BleepingComputer
Microsoft December 2025 Patch Tuesday fixes 3 zero-days, 57 flaws
Today is Microsoft's December 2025 Patch Tuesday, which fixes 57 flaws, including one actively exploited and two publicly disclosed zero-day vulnerabilities. This Patch Tuesday also addresses three "C ...
-
BleepingComputer
Fortinet warns of critical FortiCloud SSO login auth bypass flaws
Fortinet has released security updates to address two critical vulnerabilities in FortiOS, FortiWeb, FortiProxy, and FortiSwitchManager that could allow attackers to bypass FortiCloud SSO authenticati ...
-
Zero Day Initiative
The December 2025 Security Update Review
It’s the final patch Tuesday of 2025, but that doesn’t make it any less exciting. Put aside your holiday planning for just a moment as we review the latest security offering from Adobe and Microsoft. ...
-
The Hacker News
North Korea-linked Actors Exploit React2Shell to Deploy New EtherRAT Malware
Threat actors with ties to North Korea have likely become the latest to exploit the recently disclosed critical security React2Shell flaw in React Server Components (RSC) to deliver a previously undoc ...
-
CybersecurityNews
Microsoft December 2025 Patch Tuesday – 56 Vulnerabilities Fixed Including 3 Zero-days
CVE-2025-62554Microsoft Office Remote Code Execution VulnerabilityCriticalRemote Code ExecutionAccess of resource using incompatible type (‘type confusion’) in Microsoft Office allows an unauthorized ...
-
CybersecurityNews
Makop Ransomware Exploits RDP Systems with AV Killer and Other Exploits
Makop ransomware, a strain of the Phobos malware family first spotted in 2020, continues to evolve into a significant threat to businesses worldwide. Recent analysis reveals that attackers are combini ...
-
CybersecurityNews
Ivanti Security Update: Patch for Code Execution Vulnerabilities in Endpoint Manager
Ivanti has officially released urgent security updates for its Endpoint Manager (EPM) solution to address four distinct security flaws. The latest advisory highlights one critical vulnerability and th ...