CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
0patch.com
Micropatches released for Microsoft Excel Remote Code Execution Vulnerability (CVE-2025-62203)
November 2025 Windows Updates brought a patch for CVE-2025-62203, a remote code execution vulnerability in Microsoft Excel that could allow a remote attacker to have their malicious code executed on u ...
-
The Hacker News
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Cybersecurity company VulnCheck sa ...
-
BleepingComputer
Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. On Windows, an unauth ...
-
cert.pl
Vulnerability in mObywatel application for iOS
Vulnerability in mObywatel application for iOS CVE ID CVE-2025-11598 Publication date 03 February 2026 Vendor Centralny Ośrodek Informatyki Product mObywatel Vulnerable versions All before 4.71.0 (iOS ...
-
The Hacker News
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenam ...
-
CybersecurityNews
Apache Syncope Vulnerability Let Attackers Hijack User Sessions
A critical XML External Entity (XXE) vulnerability has been disclosed in the Syncope identity management console. The flaw could allow administrators to expose sensitive user data and compromise sessi ...
-
CybersecurityNews
APT28 Hackers Exploiting Microsoft Office 0-Day in the Wild to Deploy Malware
APT28, the Russia-linked advanced persistent threat group, has launched a sophisticated campaign targeting Central and Eastern Europe using a zero-day vulnerability in Microsoft Office. The threat act ...
-
reddit.com
Exploiting CVE-2025-49825 (authentication bypass vulnerability in Teleport)
Let us know your cookie preferences Reddit uses cookies and similar technologies to: Keep the website operational and running properly Prevent fraud and abuse Monitor site usage and performance metric ...
-
The Cyber Express
Critical vLLM Flaw Exposes Millions of AI Servers to Remote Code Execution
A newly disclosed security flaw has placed millions of AI servers at risk after researchers identified a critical vulnerability in vLLM, a widely deployed Python package for serving large language mod ...
-
The Cyber Express
IPIDEA Proxy Network Dismantled: Global Cybercrime and Botnet Risks Exposed
Researchers have found what they believe is one of the world’s largest residential proxy networks: the IPIDEA proxy operation. The action targeted a little-known but deeply embedded component of the o ...