CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
Critical Cal.com Vulnerability Let Attackers Bypass Authentication Via Fake TOTP Codes
A severe authentication bypass vulnerability has been discovered in cal.com, the popular open-source scheduling platform. Allowing attackers to gain unauthorized access to user accounts by submitting ...
-
The Hacker News
⚡ Weekly Recap: USB Malware, React2Shell, WhatsApp Worms, AI IDE Bugs & More
It's been a week of chaos in code and calm in headlines. A bug that broke the internet's favorite framework, hackers chasing AI tools, fake apps stealing cash, and record-breaking cyberattacks — all w ...
-
The Register
Barts Health seeks High Court block after Clop pillages NHS trust data
Barts Health NHS Trust has confirmed that patient and staff data was stolen in Clop's mass-exploitation of Oracle's E-Business Suite (EBS), and says it is now taking legal action in an effort to stop ...
-
security.nl
Cloudflare: grote storing veroorzaakt door aanpassing wegens React-lek
De grote Cloudflare-storing die zich vorige week voordeed, en waardoor allerlei websites en diensten onbereikbaar waren, werd volgens het internetbedrijf veroorzaakt door een aanpassing die het wegens ...
-
CybersecurityNews
Critical WatchGuard Firebox Vulnerabilities Let Attackers Bypass Integrity Checks and Inject Malicious Codes
Critical security alerts have been issued for Firebox firewall devices due to serious ten vulnerabilities. The vulnerabilities in WatchGuard, disclosed on December 4, 2025, span multiple severity leve ...
-
CybersecurityNews
OceanLotus Hacker Group Targeting Xinchuang IT Ecosystems to Launch Supply Chain Attacks
The OceanLotus hacker group, widely tracked as APT32, has initiated a highly targeted surveillance campaign aimed at China’s “Xinchuang” IT ecosystem. This strategic pivot focuses on compromising indi ...
-
The Cyber Express
Barts Health Confirms Cl0p Ransomware Behind Data Breach Linked to Oracle Vulnerability
Barts Health NHS Trust has confirmed that the data breach at Barts Health was carried out by the Russian-speaking Cl0p ransomware group, which exploited a vulnerability in Oracle E-Business Suite. The ...
-
The Hacker News
Sneeit WordPress RCE Exploited in the Wild While ICTBroadcast Bug Fuels Frost Botnet Attacks
A critical security flaw in the Sneeit Framework plugin for WordPress is being actively exploited in the wild, per data from Wordfence. The remote code execution vulnerability in question is CVE-2025- ...
-
security.nl
'Tienduizenden ip-adressen kwetsbaar door React2Shell-lek'
Tienduizenden ip-adressen wereldwijd zijn kwetsbaar voor een kritiek beveiligingslek in React Server Components, ook wel bekend als CVE-2025-55182 en React2Shell, zo meldt The Shadowserver Foundation ...
-
Help Net Security
December 2025 Patch Tuesday forecast: And it’s a wrap
It’s hard to believe that we’re in December of 2025 already and the end of the year is fast approaching. Looking back on the year, there are two major items that really stand out in my mind. First, th ...