CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
cert.pl
Vulnerability in SDMC NE6037 routers
Vulnerability in SDMC NE6037 routers CVE ID CVE-2025-8890 Publication date 27 November 2025 Vendor SDMC Product NE6037 Vulnerable versions All before 7.1.12.2.44 Vulnerability type (CWE) Improper Neut ...
-
CybersecurityNews
Hackers Actively Exploiting IoT Vulnerabilities to Deploy New ShadowV2 Malware
During late October 2025, a new malware campaign dubbed ShadowV2 emerged, coinciding with a global AWS disruption. This sophisticated threat actively exploits vulnerabilities in IoT devices to assembl ...
-
Daily CyberSecurity
Crypto Crisis: UPBIT Hacked for $369 Million in Solana-Based Tokens
South Korea’s largest cryptocurrency exchange, UPBIT, has suffered a major cyberattack. According to an official announcement from the exchange, digital assets worth 54 billion KRW (approximately USD ...
-
CybersecurityNews
Angular HTTP Client Vulnerability Exposes XSRF Token to an Attacker-Controlled Domain
A critical security vulnerability has been discovered in the Angular framework that could allow attackers to steal sensitive user security tokens. The vulnerability, tracked as CVE-2025-66035, affects ...
-
The Hacker News
ThreatsDay Bulletin: AI Malware, Voice Bot Flaws, Crypto Laundering, IoT Attacks — and 20 More Stories
Hackers have been busy again this week. From fake voice calls and AI-powered malware to huge money-laundering busts and new scams, there's a lot happening in the cyber world.Criminals are getting crea ...
-
Daily CyberSecurity
Security Alert: Apache SkyWalking Stored XSS Vulnerability (CVE-2025-54057)
Apache SkyWalking, the widely adopted open-source Application Performance Monitoring (APM) system used for distributed systems in Cloud Native architectures, has released a critical security update. T ...
-
CybersecurityNews
New Unauthenticated DoS Vulnerability Crashes Next.js Servers with a Single Request
A newly discovered critical vulnerability in the Next.js framework allows attackers to crash self-hosted servers using a single HTTP request, requiring negligible resources to execute. Discovered by r ...
-
Daily CyberSecurity
Critical Ray AI Flaw Exposes Devs via Safari & Firefox (CVE-2025-62593)
A critical remote code execution (RCE) vulnerability has been discovered in the Ray framework, putting AI and Python developers at risk of having their systems compromised. The vulnerability, tracked ...
-
Daily CyberSecurity
Water Gamayun Weaponizes “MSC EvilTwin” Zero-Day for Stealthy Backdoor Attacks
A sophisticated new cyber espionage campaign has been uncovered by Zscaler Threat Hunting, revealing how a Russia-aligned Advanced Persistent Threat (APT) group known as Water Gamayun is weaponizing a ...
-
Daily CyberSecurity
Hidden Danger in 3D: Malicious Blender Files Unleash StealC V2 Infostealer
Morphisec has issued a critical alert regarding a sophisticated malware campaign targeting 3D artists, game developers, and hobbyists. For at least six months, threat actors have been weaponizing 3D m ...