CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
TheCyberThrone
Fortinet Critical Bugs CVE-2025-59718 and CVE-2025-59719
December 11, 2025Fortinet recently disclosed two critical authentication bypass vulnerabilities in its FortiCloud SSO login feature, tracked as CVE-2025-59718 and CVE-2025-59719. These flaws allow una ...
-
Daily CyberSecurity
Apache Struts 2 DoS Flaw (CVE-2025-66675) Risks Server Crash via File Leak in Multipart Request Processing
A significant denial-of-service (DoS) vulnerability has been discovered in Apache Struts 2, the widely used open-source framework for developing Java web applications. The flaw, identified as CVE-2025 ...
-
Daily CyberSecurity
High-Severity Zoom Rooms Flaw Risks Privilege Escalation via Downgrade Protection Bypass
Zoom Video Communications has released a critical security update for its Zoom Rooms software, addressing vulnerabilities that could allow attackers to escalate privileges or peek into sensitive files ...
-
Daily CyberSecurity
Emergency Chrome Update: Google Patches New Zero-Day Under Active Attack
Google has pushed an urgent security update to the Stable Channel for Desktop, racing to patch a high-severity vulnerability that is currently being exploited in the wild. The release, which brings th ...
-
Daily CyberSecurity
High-Severity Jenkins Flaws Risk Unauthenticated DoS via HTTP CLI and XSS Via Coverage Reports
The maintainers of Jenkins, the world’s leading open-source automation server, have issued a critical security advisory addressing a raft of vulnerabilities that could leave CI/CD pipelines exposed to ...
-
Daily CyberSecurity
Gogs Zero-Day (CVE-2025-8110) Risks RCE for 700+ Servers via Symlink Path Traversal Bypass
A routine malware investigation has spiraled into the discovery of a widespread “smash-and-grab” campaign targeting the developer community. The Wiz Threat Research team has uncovered an active zero-d ...
-
Daily CyberSecurity
High-Severity GitLab XSS Flaw (CVE-2025-12716) Risks Session Hijack via Malicious Wiki Pages
In a critical mid-week security sprint, GitLab has rolled out a series of important updates for its Community Edition (CE) and Enterprise Edition (EE), squashing a high-severity bug that could allow a ...
-
Daily CyberSecurity
Unpatched TOTOLINK AX1800 Router Flaw Allows Unauthenticated Telnet & Root RCE
A critical security vulnerability has been uncovered in the popular TOTOLINK AX1800 wireless router, a device widely used in small businesses and home offices. The flaw, which currently has no officia ...
-
Daily CyberSecurity
Critical CCTV Flaw (CVE-2025-13607) Risks Video Feed Hijack & Credential Theft via Missing Authentication
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-severity alert regarding a critical flaw affecting networked CCTV cameras, warning that malicious actors could easily hija ...
-
Daily CyberSecurity
“React2Shell” Crisis: Critical Vulnerability Triggers Global Cyberattacks by State-Sponsored Groups
A critical security flaw in the popular React web framework has ignited a wave of cyberattacks, with state-sponsored actors and cybercriminals rushing to exploit the vulnerability before organizations ...