CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
The Hacker News
ThreatsDay Bulletin: GhostAd Drain, macOS Attacks, Proxy Botnets, Cloud Exploits, and 12+ Stories
The first ThreatsDay Bulletin of 2026 lands on a day that already feels symbolic — new year, new breaches, new tricks. If the past twelve months taught defenders anything, it's that threat actors don' ...
-
CybersecurityNews
Top 10 High-Risk Vulnerabilities Of 2025 that Exploited in the Wild
The cybersecurity landscape in 2025 has been marked by an unprecedented surge in critical vulnerabilities, with over 21,500 CVEs disclosed in the first half of the year alone, representing a 16-18% in ...
-
TheCyberThrone
CVE-2025-52691: Critical Unauthenticated RCE in SmarterMail
January 1, 2026SmarterMail servers running builds prior to 9413 expose organizations to unauthenticated arbitrary file upload leading to remote code execution. Attackers can drop web shells anywhere o ...
-
The Hacker News
RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers
Jan 01, 2025Ravie LakshmananNetwork Security / Vulnerability Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things (IoT) devi ...
-
Daily CyberSecurity
Apache NuttX RTOS Patches Two Filesystem Flaws
The Apache Software Foundation has released updates for Apache NuttX, a real-time operating system (RTOS) widely used in environments ranging from 8-bit to 64-bit microcontrollers. The alerts highligh ...
-
Daily CyberSecurity
Hijacked Mobility: CISA Warns of Critical 9.8 Flaw Allowing Remote Control of WHILL Power Chairs
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory regarding a critical safety vulnerability in popular electric mobility devices that could turn a user’s wheelchair in ...
-
Daily CyberSecurity
The $130 Billion Comeback: Why Apple’s “Slow” AI Strategy is a 2026 Trap
Although Apple’s 2025 software updates appeared to shift the marketing spotlight toward the “Liquid Glass” visual interface rather than loudly championing generative AI—prompting criticism that the co ...
-
BleepingComputer
RondoDox botnet exploits React2Shell flaw to breach Next.js servers
The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
-
CybersecurityNews
Critical IBM API Connect Vulnerability Let Attackers Bypass Logins
A critical security alert regarding a severe vulnerability in the IBM API Connect platform that could allow remote attackers to bypass authentication mechanisms. Discovered during internal testing, th ...
-
The Hacker News
IBM Warns of Critical API Connect Bug Allowing Remote Authentication Bypass
Dec 31, 2025Ravie LakshmananAPI Security / Vulnerability IBM has disclosed details of a critical security flaw in API Connect that could allow attackers to gain remote access to the application. The ...