CVEFeed Newsroom – Latest Cybersecurity Updates
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
Daily CyberSecurity
High-Severity GeoServer Flaw (CVE-2025-58360) Allows Unauthenticated XXE for File Theft and SSRF
The maintainers of GeoServer have issued an important security advisory regarding a high-severity vulnerability that could allow unauthenticated attackers to exfiltrate sensitive files or crash server ...
-
The Hacker News
CISA Adds Actively Exploited XSS Bug CVE-2021-26829 in OpenPLC ScadaBR to KEV
Nov 30, 2025Ravie LakshmananHacktivism / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog to include a sec ...
-
CybersecurityNews
CISA Warns of OpenPLC ScadaBR cross-site scripting vulnerability Exploited in Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has officially updated its Known Exploited Vulnerabilities (KEV) catalog to include a critical flaw in OpenPLC ScadaBR, confirming that thre ...
-
Daily CyberSecurity
Critical Alert: Apache Kvrocks ‘RESET’ Command Flaw Grants Admin Privileges
The Apache Software Foundation has issued a critical security advisory for Apache Kvrocks, a distributed key-value NoSQL database compatible with the Redis protocol. Two significant vulnerabilities ha ...
-
Daily CyberSecurity
CISA Flags Actively Exploited OpenPLC Flaw (CVE-2021-26829)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a new mandate for federal agencies to secure their industrial control systems following evidence of active exploitation in the wi ...
-
The Hacker News
Legacy Python Bootstrap Scripts Create Domain-Takeover Risk in Multiple PyPI Packages
Nov 28, 2025Ravie LakshmananMalware / Vulnerability Cybersecurity researchers have discovered vulnerable code in legacy Python packages that could potentially pave the way for a supply chain comprom ...
-
CybersecurityNews
Hackers Registered 18,000 Holiday-Themed Domains Targeting ‘Christmas,’ ‘Black Friday,’ and ‘Flash Sale’
The 2025 holiday season has unleashed an unprecedented wave of cyber threats, with attackers deploying industrialized infrastructure to exploit the global surge in online commerce. This year’s threat ...
-
security.nl
D-Link waarschuwt voor botnet dat kwetsbare NAS-systemen aanvalt
Hardwarefabrikant D-Link waarschuwt gebruikers voor een botnet dat kwetsbare NAS-systemen aanvalt en roept op tot het vervangen van apparaten die end-of-life zijn en geen beveiligingsupdates meer ontv ...
-
Daily CyberSecurity
AWS Guarantees 60-Minute Recovery Time with New Route 53 Accelerated Recovery
Earlier, a severe outage in Amazon’s cloud computing service AWS disrupted thousands of major websites, leaving users unable to access online platforms and causing significant operational losses for t ...
-
Daily CyberSecurity
Zombie Protocol: How NTLM Flaws Like CVE-2024-43451 Are Haunting 2025
A new report from Kaspersky Labs reveals that despite being over two decades old, the NTLM authentication protocol remains a critical security liability in 2025. Cybercriminals are actively exploiting ...