CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
CybersecurityNews
New “SOAPwn” .NET Vulnerabilities Expose Barracuda, Ivanti and Microsoft Appliances to RCE Attack
New research into legacy .NET Framework SOAP client code has uncovered “SOAPwn,” a class of vulnerabilities. That can be weaponized for remote code execution (RCE) across multiple enterprise products. ...
-
CybersecurityNews
Critical Vulnerability in Multiple India-Based CCTV Cameras Let Attackers Video and Account Credentials
A severe security vulnerability affecting multiple India-based CCTV camera manufacturers has been disclosed. Potentially allowing attackers to access video feeds and steal account credentials without ...
-
CybersecurityNews
GitLab Patches Multiple Vulnerabilities that Allows Attackers to Trigger XSS and DoS Attack
Critical security patches on December 10, 2025, addressing ten significant vulnerabilities across its Community Edition and Enterprise Edition platforms. GitLab has released updated versions 18.6.2, 1 ...
-
CybersecurityNews
High-Severity Jenkins Vulnerability Allows Unauthenticated DoS via HTTP CLI
Patches released by Jenkins address a significant denial-of-service (DoS) vulnerability affecting millions of organizations. That rely on the popular automation server for continuous integration and d ...
-
The Hacker News
Unpatched Gogs Zero-Day Exploited Across 700+ Instances Amid Active Attacks
Dec 11, 2025Ravie LakshmananVulnerability / Cloud Security A high-severity unpatched security vulnerability in Gogs has come under active exploitation, with more than 700 compromised instances acces ...
-
CybersecurityNews
New Multi-Platform 01flip Ransomware Supports Multi-platform Architecture, Including Windows and Linux
Security researchers at Palo Alto Networks discovered a new ransomware threat in June 2025 that marks a significant shift in malware development tactics. The 01flip ransomware family emerges as a full ...
-
BleepingComputer
Google fixes eighth Chrome zero-day exploited in attacks in 2025
Google has released emergency updates to fix another Chrome zero-day vulnerability exploited in the wild, marking the eighth such security flaw patched since the start of the year. "Google is aware th ...
-
Kaspersky
It didn’t take long: CVE-2025-55182 is now under active exploitation
On December 4, 2025, researchers published details on the critical vulnerability CVE-2025-55182, which received a CVSS score of 10.0. It has been unofficially dubbed React4Shell, as it affects React S ...
-
The Hacker News
Chrome Targeted by Active In-the-Wild Exploit Tied to Undisclosed High-Severity Flaw
Dec 11, 2025Ravie LakshmananZero-Day / Vulnerability Google on Wednesday shipped security updates for its Chrome browser to address three security flaws, including one it said has come under active ...
-
The Cyber Express
Google Fixes GeminiJack Zero-Click Flaw in Gemini Enterprise
Google has addressed a Gemini zero-click security flaw that allows silent data extraction from corporate environments using the company’s AI assistant tools. The issue, identified as a vulnerability i ...