CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
BleepingComputer
Apple fixes two zero-day flaws exploited in 'sophisticated' attacks
Apple has released emergency updates to patch two zero-day vulnerabilities that were exploited in an “extremely sophisticated attack” targeting specific individuals. The zero-days are tracked as CVE-2 ...
-
The Register
Microsoft RasMan DoS 0-day gets unofficial patch - and a working exploit
A Microsoft zero-day vulnerability that allows an unprivileged user to crash the Windows Remote Access Connection Manager (RasMan) service now has a free, unofficial patch - with no word as to when Re ...
-
The Register
New React vulns leak secrets, invite DoS attacks
If you're running React Server Components, you just can't catch a break. In addition to already-reported flaws, newly discovered bugs allow attackers to hang vulnerable servers and potentially leak Se ...
-
CybersecurityNews
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execu ...
-
Daily CyberSecurity
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
Torrance, United States / California, December 12th, 2025, CyberNewsWire In December 2025, CVE-2025-55182 (React2Shell), a vulnerability in React Server Components (RSC) that enables remote code execu ...
-
Google Cloud
Multiple Threat Actors Exploit React2Shell (CVE-2025-55182)
Written by: Aragorn Tseng, Robert Weiner, Casey Charrier, Zander Work, Genevieve Stark, Austin Larsen Introduction On Dec. 3, 2025, a critical unauthenticated remote code execution (RCE) vulnerability ...
-
CybersecurityNews
Top 20 Most Exploited Vulnerabilities of 2025: A Comprehensive Analysis
The cybersecurity landscape of 2025 has been marked by an unprecedented surge in vulnerability exploitation, with threat actors leveraging critical flaws across enterprise software, cloud infrastructu ...
-
security.nl
Nieuwe React-kwetsbaarheden leiden tot denial of service en broncode-lek
Onderzoekers hebben nieuwe kwetsbaarheden in React Server Components ontdekt waardoor aanvallers een denial of service kunnen veroorzaken of broncode stelen. Er zijn updates beschikbaar gesteld en Rea ...
-
The Register
Half of exposed React servers remain unpatched amid active exploitation
Half of the internet-facing systems vulnerable to a fast-moving React remote code execution flaw remain unpatched, even as exploitation has exploded into more than a dozen active attack clusters rangi ...
-
BleepingComputer
New Windows RasMan zero-day flaw gets free, unofficial patches
Free unofficial patches are available for a new Windows zero-day vulnerability that allows attackers to crash the Remote Access Connection Manager (RasMan) service. RasMan is a critical Windows system ...