CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
CISA Warns of D-Link Routers Buffer Overflow Vulnerability Exploited in Attacks
A critical buffer overflow vulnerability affecting D-Link routers has been added to the CISA catalog of Known Exploited Vulnerabilities, indicating active exploitation in the wild. The flaw, tracked a ...
-
CybersecurityNews
SAP Security Patch Day: Fix for Critical Vulnerabilities in SAP Solution Manager, NetWeaver, and Other Products
SAP released 14 new security notes on its monthly Security Patch Day on December 9, 2025, addressing vulnerabilities across key products, including SAP Solution Manager, NetWeaver, Commerce Cloud, and ...
-
Daily CyberSecurity
Final Patch of 2025: Critical SAP Solution Manager Flaw (CVE-2025-42880, CVSS 9.9) Risks Full System Compromise
Today, SAP has released its final security update of the year, dropping 14 new security notes. The patch bundle is headlined by a critical “Code Injection” vulnerability in SAP Solution Manager that c ...
-
CybersecurityNews
500+ Apache Tika Toolkit Instances Vulnerable to Critical XXE Attack Exposed Online
Over 565 internet-exposed Apache Tika Server instances are vulnerable to a critical XML External Entity (XXE) injection flaw. That could enable attackers to steal sensitive data, launch denial-of-serv ...
-
The Cyber Express
Apache Tika Vulnerability Widens Across Multiple Modules, Severity Now 10.0
A security issue disclosed in the Apache Tika document-processing framework has proved broader and more serious than first believed. The project’s maintainers have issued a new advisory revealing that ...
-
CybersecurityNews
Burp Suite’s Scanning Arsenal Powered With Detection for Critical React2Shell Vulnerabilities
PortSwigger has enhanced Burp Suite’s scanning arsenal with the latest update to its ActiveScan++ extension, introducing detection for the critical React2Shell vulnerabilities (CVE-2025-55182 and CVE- ...
-
The Cyber Express
NCSC Warns Prompt Injection Could Become the Next Major AI Security Crisis
The UK’s National Cyber Security Centre (NCSC) has issued a fresh warning about the growing threat of prompt injection, a vulnerability that has quickly become one of the biggest security concerns in ...
-
Huntress
PeerBlight Linux Backdoor Exploits React2Shell CVE-2025-55182
TL;DR: Huntress is seeing threat actors exploit a vulnerability in React Server Components (CVE-2025-55182) across several organizations in our customer base. Attackers have attempted to deploy crypto ...
-
Daily CyberSecurity
Critical Authentication Bypass Flaws Discovered in Ruby SAML Library (CVE-2025-66567 & CVE-2025-66568)
A pair of critical security vulnerabilities has been disclosed in the Ruby SAML library, a foundational tool used by developers to implement client-side SAML authorization. Both flaws carry a critical ...
-
Daily CyberSecurity
CISA KEV Alert: EOL D-Link and Array Networks Command Injection Under Active Attack
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with two distinct but equally dangerous threats: a critical flaw in legacy D-L ...