CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
AttackIQ
Ransom Tales: Volume VI — Throwback Edition! Emulating Ryuk, Conti, and BlackCat Ransomware
On July 22, 2025, AttackIQ introduced Ransom Tales, an initiative focused on routinely emulating the Tactics, Techniques, and Procedures (TTPs) associated with the prolific ransomware families current ...
-
The Register
Google fixes super-secret 8th Chrome 0-day
Google issued an emergency fix for a Chrome vulnerability already under exploitation, which marks the world's most popular browser's eighth zero-day bug of 2025. We have even fewer than usual details ...
-
The Register
LastPass hammered with £1.2M fine for 2022 breach fiasco
The UK's Information Commissioner's Office (ICO) says LastPass must cough up £1.2 million ($1.6 million) after its two-part 2022 data breach compromised information from up to 1.6 million UK users. In ...
-
The Cloudflare Blog
React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniques
2025-12-117 min readOn December 3, 2025, immediately following the public disclosure of the critical, maximum-severity React2Shell vulnerability (CVE-2025-55182), the Cloudforce One Threat Intelligenc ...
-
TheCyberThrone
Google Fixes two Medium Severity Bugs in Chrome
December 11, 2025Google Chrome recently addressed two medium-severity vulnerabilities, CVE-2025-14372 and CVE-2025-14373, in its Stable channel update to version 143.0.7499.109, released around Decemb ...
-
CybersecurityNews
Gogs 0-Day Vulnerability Exploited in the Wild to Hack 700+ Instances
A critical zero-day vulnerability in Gogs, a widely used self-hosted Git service, is currently being exploited in the wild. Designated as CVE-2025-8110, this flaw allows authenticated users to execute ...
-
The Hacker News
ThreatsDay Bulletin: Spyware Alerts, Mirai Strikes, Docker Leaks, ValleyRAT Rootkit — and 20 More Stories
This week's cyber stories show how fast the online world can turn risky. Hackers are sneaking malware into movie downloads, browser add-ons, and even software updates people trust. Tech giants and gov ...
-
BleepingComputer
Hackers exploit unpatched Gogs zero-day to breach 700 servers
An unpatched zero-day vulnerability in Gogs, a popular self-hosted Git service, has enabled attackers to gain remote code execution on Internet-facing instances and compromise hundreds of servers. Wri ...
-
CybersecurityNews
New “SOAPwn” .NET Vulnerabilities Expose Barracuda, Ivanti and Microsoft Appliances to RCE Attack
New research into legacy .NET Framework SOAP client code has uncovered “SOAPwn,” a class of vulnerabilities. That can be weaponized for remote code execution (RCE) across multiple enterprise products. ...
-
CybersecurityNews
Critical Vulnerability in Multiple India-Based CCTV Cameras Let Attackers Video and Account Credentials
A severe security vulnerability affecting multiple India-based CCTV camera manufacturers has been disclosed. Potentially allowing attackers to access video feeds and steal account credentials without ...