CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
⚡ Weekly Recap: Apple 0-Days, WinRAR Exploit, LastPass Fines, .NET RCE, OAuth Scams & More
Dec 15, 2025Ravie LakshmananHacking News / Cybersecurity If you use a smartphone, browse the web, or unzip files on your computer, you are in the crosshairs this week. Hackers are currently exploiti ...
-
The Register
Apple, Google forced to issue emergency 0-day patches
Apple and Google have both issued emergency patches after zero-day bugs were caught being actively exploited in what the companies describe as "sophisticated" real-world attacks. Over the past few day ...
-
Help Net Security
Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)
Apple has issued security updates with fixes for two WebKit vulnerabilities (CVE-2025-14174, CVE-2025-43529) that have been exploited as zero-days. Several days before the release of these updates, Go ...
-
hackread.com
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execu ...
-
security.nl
Google: aangevallen lek in Galaxy-telefoons stilletjes gepatcht door Samsung
Samsung heeft een actief aangevallen kwetsbaarheid in de eigen Galaxy-telefoons stilletjes gepatcht, zo stelt Google. Het beveiligingslek werd gebruikt om Samsung-telefoons met spyware te infecteren. ...
-
BleepingComputer
Microsoft: December security updates cause Message Queuing failures
Microsoft has confirmed that the December 2025 security updates are breaking Message Queuing (MSMQ) functionality, affecting enterprise applications and Internet Information Services (IIS) websites. T ...
-
CybersecurityNews
Windows Remote Access Connection Manager Vulnerability Enables Arbitrary Code Execution
A critical security issue involving the Windows Remote Access Connection Manager (RasMan) that allows local attackers to execute arbitrary code with System privileges. While investigating CVE-2025-592 ...
-
CybersecurityNews
CISA Adds Sierra Router Vulnerability to KEV Catalogue Following Active Exploitation
A critical vulnerability affecting Sierra Wireless routers has been added to its Known Exploited Vulnerabilities (KEV) catalog. This decision comes after evidence emerged that the flaw is being active ...
-
CybersecurityNews
CISA Releases Guidance for Managing UEFI Secure Boot on Enterprise Devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), has issued new guidance urging enterprises to verify and manage UEFI Secure B ...
-
Daily CyberSecurity
NVIDIA Merlin Flaws Risk AI Pipeline RCE via Unsafe Deserialization in NVTabular & Transformers4Rec
NVIDIA has issued an important security update for its Merlin framework, patching high-severity vulnerabilities that could allow attackers to execute malicious code or tamper with sensitive data withi ...