CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
High-Severity Jenkins Vulnerability Allows Unauthenticated DoS via HTTP CLI
Patches released by Jenkins address a significant denial-of-service (DoS) vulnerability affecting millions of organizations. That rely on the popular automation server for continuous integration and d ...
-
The Hacker News
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks
Dec 11, 2025Ravie LakshmananVulnerability / Cloud Security A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances acces ...
-
CybersecurityNews
New Multi-Platform 01flip Ransomware Supports Multi-platform Architecture, Including Windows and Linux
Security researchers at Palo Alto Networks discovered a new ransomware threat in June 2025 that marks a significant shift in malware development tactics. The 01flip ransomware family emerges as a full ...
-
BleepingComputer
Google fixes eighth Chrome zero-day exploited in attacks in 2025
Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year. "Google is aware th ...
-
Kaspersky
It didn’t take long: CVE-2025-55182 is now under active exploitation
On December 4, 2025, researchers published details on the critical vulnerability CVE-2025-55182, which received a CVSS score of 10.0. It has been unofficially dubbed React4Shell, as it affects React S ...
-
The Hacker News
Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw
Dec 11, 2025Ravie LakshmananZero-Day / Vulnerability Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active ...
-
The Cyber Express
Google Fixes GeminiJack Zero-Click Flaw in Gemini Enterprise
Google has addressed a Gemini zero-click security flaw that allows silent data extraction from corporate environments using the company’s AI assistant tools. The issue, identified as a vulnerability i ...
-
The Cyber Express
Cyble Global Cybersecurity Report 2025: 6,000 Ransomware Attacks Mark a 50% Surge
2025 will be remembered as the year cyber threats reached a breaking point. With nearly 6,000 ransomware incidents, more than 6,000 data breaches, and over 3,000 sales of compromised corporate access, ...
-
The Hacker News
Active Attacks Exploit Gladinet's Hard-Coded Keys for Unauthorized Access and Code Execution
Dec 11, 2025Ravie LakshmananVulnerability / Encryption Huntress is warning of a new actively exploited vulnerability in Gladinet's CentreStack and Triofox products stemming from the use of hard-code ...
-
CybersecurityNews
Windows Defender Firewall Service Vulnerability Let Attackers Disclose Sensitive Data
A critical information disclosure vulnerability in Windows Defender Firewall Service, which could allow authorized attackers to access sensitive heap memory on affected systems. The vulnerability, tra ...