CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
Critical Elementor Plugin Flaw (CVE-2025-8489, CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover
A critical security flaw in a popular WordPress plugin has triggered a massive wave of exploitation attempts, with threat actors actively trying to seize control of vulnerable websites by registering ...
-
Daily CyberSecurity
High-Severity Angular Flaw (CVE-2025-66412) Allows Stored XSS via SVG and MathML Bypass
The maintainers of Angular, the popular platform for building mobile and desktop web applications, have released an important security advisory regarding a high-severity vulnerability in the Angular T ...
-
The Cloudflare Blog
Cloudflare WAF proactively protects against React vulnerability
2025-12-031 min readCloudflare has deployed a new protection to address a vulnerability in React Server Components (RSC). All Cloudflare customers are automatically protected, including those on free ...
-
The Cyber Express
CISA Warns that Two Android Vulnerabilities Are Under Attack
CISA warned today that two Android zero-day vulnerabilities are under active attack, within hours of Google releasing patches for the flaws. Both are high-severity Android framework vulnerabilities. C ...
-
The Register
Two Android 0-day bugs disclosed and fixed, plus 105 more to patch
Two high-severity Android bugs were exploited as zero-days before Google issued a fix, according to its December Android security bulletin. The two vulnerabilities are CVE-2025-48633, an information-d ...
-
The Register
University of Pennsylvania joins list of victims from Clop's Oracle EBS raid
The University of Pennsylvania has become the latest victim of Clop's smash-and-grab spree against Oracle's E-Business Suite (EBS) customers, with the Ivy League school now warning more than a thousan ...
-
europa.eu
Cyber Brief 25-12 - November 2025
Cyber Brief (November 2025)December 2, 2025 - Version: 1TLP:CLEARExecutive summaryWe analysed 277 open source reports for this Cyber Security Brief1.Relating to cyber policy and law enforcement, Opera ...
-
Help Net Security
Google fixes Android vulnerabilities “under targeted exploitation” (CVE-2025-48633, CVE-2025-48572)
Google has shipped patches for 51 Android vulnerabilities, including two high-severity flaws (CVE-2025-48633, CVE-2025-48572) that “may be under limited, targeted exploitation”. According to the Decem ...
-
DataBreaches.Net
How a noisy ransomware intrusion exposed a long-term espionage foothold
Zeljka Zorz reports: Getting breached by two separate and likely unconnected cyber attack groups is a nightmare scenario for any organization, but can result in an unexpected silver lining: the noisie ...
-
BleepingComputer
Google fixes two Android zero days exploited in attacks, 107 flaws
Google has released the December 2025 Android security bulletin, addressing 107 vulnerabilities, including two flaws actively exploited in targeted attacks. The two high-severity vulnerabilities are t ...