CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
High-Severity Rockwell Flaws Risk Industrial SQLi Data Tampering and Safety Device DoS Requiring Manual Fix
Rockwell Automation has released important security advisories addressing two significant vulnerabilities affecting its industrial cloud platform and safety communication hardware. The flaws, if left ...
-
Daily CyberSecurity
Critical n8n RCE Flaw (CVE-2025-65964) Allows Remote Code Execution via Git Node Configuration Manipulation
A critical security vulnerability has been discovered in n8n, the popular workflow automation tool that powers technical teams worldwide. The flaw, which carries a critical CVSS severity score of 9.4, ...
-
Daily CyberSecurity
FrostBeacon Hits Russian B2B: Cobalt Strike Deployed via LNK and Chained Legacy Exploits
A new and sophisticated malware campaign dubbed “Operation FrostBeacon” is systematically targeting business-to-business (B2B) enterprises across the Russian Federation. A report from Seqrite Labs rev ...
-
Daily CyberSecurity
Critical ZITADEL Flaws (CVE-2025-67494, CVSS 9.3) Risk SSRF Internal Breach and Account Hijack via XSS
The security team behind ZITADEL, the open-source identity management platform, has issued urgent advisories regarding three high-severity vulnerabilities discovered in its V2 Login UI. The flaws, whi ...
-
Trend Micro
CVE-2025-55182: React2Shell Analysis, Proof-of-Concept Chaos, and In-the-Wild Exploitation
Key takeaways: The exploit leverages JavaScript’s duck-typing and dynamic code execution through an attack that has four stages: it creates a self-reference loop, tricks JavaScript into calling attack ...
-
The Register
Microsoft reports 7.8-rated zero day, plus 56 more in December Patch Tuesday
Happy December Patch Tuesday to all who celebrate. This month's patch party includes one Microsoft flaw under exploitation, plus two others listed as publicly known – but just 57 CVEs in total from Re ...
-
krebsonsecurity.com
Microsoft Patch Tuesday, December 2025 Edition
Microsoft today pushed updates to fix at least 56 security flaws in its Windows operating systems and supported software. This final Patch Tuesday of 2025 tackles one zero-day bug that is already bein ...
-
BleepingComputer
SAP fixes three critical vulnerabilities across multiple products
SAP has released its December security updates addressing 14 vulnerabilities across a range of products, including three critical-severity flaws. The most severe (CVSS score: 9.9) of all the issues is ...
-
BleepingComputer
Windows PowerShell now warns when running Invoke-WebRequest scripts
Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from executing. As Microsoft ex ...
-
BleepingComputer
Microsoft releases Windows 10 KB5071546 extended security update
Microsoft has released the KB5071546 extended security update to resolve 57 security vulnerabilities, including three zero-day flaws. If you are running Windows 10 Enterprise LTSC or are enrolled in t ...