CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
New React RSC Vulnerabilities Enable DoS and Source Code Exposure
Dec 12, 2025Ravie LakshmananSoftware Security / Vulnerability The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited, could res ...
-
The Hacker News
React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation
Dec 12, 2025Ravie LakshmananVulnerability / Threat Intelligence The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to patch the recent React2Shell vulnerabil ...
-
CybersecurityNews
Windows Remote Access Connection Manager Vulnerabilities Let Attackers Escalate Privileges
Two critical privilege escalation flaws were disclosed in the Windows Remote Access Connection Manager on December 9, 2025. The vulnerabilities, tracked as CVE-2025-62472 and CVE-2025-62474, allow aut ...
-
The Cyber Express
Password Manager LastPass Penalized £1.2m by ICO for Security Failures
The Information Commissioner’s Office (ICO) has fined password manager provider LastPass UK Ltd £1.2 million following a 2022 data breach that compromised the personal information of up to 1.6 million ...
-
CybersecurityNews
CISA Warns of OSGeo GeoServer 0-Day Vulnerability Exploited in Attacks
An urgent warning about a critical security flaw in OSGeo GeoServer, a widely used open-source geographic data-sharing server. CISA has added the vulnerability to its Known Exploited Vulnerabilities ( ...
-
The Cyber Express
City of Cambridge Advises Password Reset After Nationwide CodeRED Data Breach
The City of Cambridge has released an important update regarding the OnSolve CodeRED emergency notifications system, also known locally as Cambridge’s reverse 911 system. The platform, widely used by ...
-
The Hacker News
CISA Flags Actively Exploited GeoServer XXE Flaw in Updated KEV Catalog
Dec 12, 2025Ravie LakshmananVulnerability / Server Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a high-severity security flaw impacting OSGeo GeoServer ...
-
Daily CyberSecurity
The IP Wall Falls: Disney Invests $1B in OpenAI to License 200+ Characters for AI
Long regarded as the “most formidable legal department in the Western Hemisphere,” Disney has historically guarded its intellectual property with near-impenetrable vigilance. Yet in the age of artific ...
-
Daily CyberSecurity
Farewell, Tabs: Google’s Experimental Disco Browser Generates Web Apps with AI
The race among artificial intelligence models has entered a fevered, white-hot phase—and AI-driven browsers have now gained a new contender. Google Labs has unveiled an experimental project called Dis ...
-
Daily CyberSecurity
React Patches Two New Flaws Risking Server-Crashing DoS and Source Code Disclosure
The security saga surrounding React Server Components continues this week. Just days after the React team patched a critical remote code execution (RCE) flaw, security researchers digging into those v ...