CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Foxit PDF Editor Vulnerabilities Let Attackers Execute Arbitrary JavaScript
Security updates addressing critical cross-site scripting (XSS) vulnerabilities in Foxit PDF Editor Cloud that could allow attackers to execute arbitrary JavaScript code in users’ browsers. The vulner ...
-
Help Net Security
Russian hackers are exploiting recently patched Microsoft Office vulnerability (CVE-2026-21509)
Russian state-sponsored hackers Fancy Bear (aka APT 28) are exploiting CVE-2026-21509, a Microsoft Office vulnerability for which Microsoft released an emergency fix last week. The exploitation CVE-20 ...
-
0patch.com
Micropatches released for Microsoft Excel Remote Code Execution Vulnerability (CVE-2025-62203)
November 2025 Windows Updates brought a patch for CVE-2025-62203, a remote code execution vulnerability in Microsoft Excel that could allow a remote attacker to have their malicious code executed on u ...
-
The Hacker News
Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package
Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Cybersecurity company VulnCheck sa ...
-
BleepingComputer
Hackers exploit critical React Native Metro bug to breach dev systems
Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. On Windows, an unauth ...
-
cert.pl
Vulnerability in mObywatel application for iOS
Vulnerability in mObywatel application for iOS CVE ID CVE-2025-11598 Publication date 03 February 2026 Vendor Centralny Ośrodek Informatyki Product mObywatel Vulnerable versions All before 4.71.0 (iOS ...
-
The Hacker News
APT28 Uses Microsoft Office CVE-2026-21509 in Espionage-Focused Malware Attacks
The Russia-linked state-sponsored threat actor known as APT28 (aka UAC-0001) has been attributed to attacks exploiting a newly disclosed security flaw in Microsoft Office as part of a campaign codenam ...
-
CybersecurityNews
Apache Syncope Vulnerability Let Attackers Hijack User Sessions
A critical XML External Entity (XXE) vulnerability has been disclosed in the Syncope identity management console. The flaw could allow administrators to expose sensitive user data and compromise sessi ...
-
CybersecurityNews
APT28 Hackers Exploiting Microsoft Office 0-Day in the Wild to Deploy Malware
APT28, the Russia-linked advanced persistent threat group, has launched a sophisticated campaign targeting Central and Eastern Europe using a zero-day vulnerability in Microsoft Office. The threat act ...
-
reddit.com
Exploiting CVE-2025-49825 (authentication bypass vulnerability in Teleport)
Let us know your cookie preferences Reddit uses cookies and similar technologies to: Keep the website operational and running properly Prevent fraud and abuse Monitor site usage and performance metric ...